中文去AI味 Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a local Chinese writing assistant whose scripts analyze user-provided text and generate rewrite prompts without hidden network, credential, or persistence behavior.

Reasonable to install for local Chinese rewriting workflows. Choose output paths carefully because the output option can overwrite an existing file, and avoid sending private drafts to an external AI service unless that sharing is intentional.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 78% confidence
Finding: The script writes to a user-supplied path using shell redirection without checking whether the destination already exists, which can silently overwrite local files if the caller makes a mistake or if the path is influenced by untrusted input. In this skill's context the danger is limited because the path is explicitly provided by the user and there is no privilege escalation, but accidental data loss is still a real integrity issue.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal