代码审查 89d9f5

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only code review learning guide with overly broad activation wording but no executable, credential, persistence, or data-access behavior.

Install only if you want a lightweight Chinese code review tutorial skill. Be aware it may activate on generic OpenAI or code-review conversations; narrowing the trigger to explicit Codex code-review tutorial wording would reduce noise.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 97% confidence
Finding: The top-level trigger includes very broad phrases such as '代码审查 / OpenAI / Codex教程', which are common conversational terms and likely to match unrelated user requests. This can cause unintended skill activation, injecting irrelevant or untrusted guidance into unrelated sessions and creating a prompt-scope hijack risk if the skill is auto-loaded by keyword.

Vague Triggers

Medium

Confidence: 98% confidence
Finding: The activation conditions are ambiguous and overly permissive, including ordinary phrases like '用户说"代码审查"' and '用户说"OpenAI"'. In a system that auto-selects skills from markdown conditions, this increases the chance of accidental activation and cross-context prompt injection from a skill whose content is largely aggregated, duplicated, and not tightly curated.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal