Back to skill

Security audit

项目管理助手(PM Assistant)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent project-management assistant, but users should configure privacy, access, and retention rules before using it with real business documents.

Install only in an environment where Feishu bot access, knowledge bases, logs, and archives are permissioned. Avoid real contracts, financial data, customer communications, or employee information until redaction, retention/deletion, and archive access rules are configured.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The workflow explicitly ingests Feishu messages and attachments, extracts structured fields, retrieves historical materials, and records logs/archives, but it does not describe data minimization, sensitive-data handling, retention limits, or user notice/consent. In a project-management context, these inputs commonly contain contracts, pricing, customer communications, and other confidential business data, so silent processing and archival increases privacy, confidentiality, and compliance risk.

Ssd 3

Medium
Confidence
88% confidence
Finding
The instruction that all skill inputs and outputs must be recorded can lead to systematic retention of contracts, meeting notes, customer communications, and other sensitive project data without any stated minimization, redaction, access control, or retention policy. In this skill context, the assistant processes business documents across the full project lifecycle, so broad logging materially increases exposure of confidential and potentially regulated information.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.