word-chinese-automation

Security checks across malware telemetry and agentic risk

Overview

The available evidence points to a document-proofreading skill that can write corrected .docx files, which is purpose-aligned but should be used with review of the output.

Install only if you want the skill to edit documents, not merely inspect them. Keep originals backed up and review the corrected .docx before relying on it, especially because the referenced artifact files were not present for direct inspection in this workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The script does more than passive proofreading: it programmatically rewrites document contents and saves a modified .docx file. In an agent-skill context advertised as '校对/检查' (checking/proofreading), this is a capability mismatch that can lead to unintended integrity-impacting file changes if invoked automatically or without explicit user consent, especially because the replacement modes can apply broad text substitutions across paragraphs and tables.

VirusTotal

65/65 vendors flagged this skill as clean.