AI销量预测助手 (AI Sales Forecasting Assistant)

Security checks across malware telemetry and agentic risk

Overview

This sales-forecasting skill is coherent and disclosed, with ordinary dependency and model-download considerations but no evidence of hidden or harmful behavior.

Before installing, confirm that outbound downloads from PyPI and HuggingFace or the configured mirror are allowed in your environment, especially if your sales files are sensitive. The artifact itself does not show data exfiltration or privileged behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 93% confidence
The trigger text is broad enough to activate on generic forecasting or trend-prediction requests, which can cause the agent to invoke this skill in situations the user did not clearly intend. In this skill's context, that mainly creates routing and consent issues rather than direct code-execution risk, but it can still lead to unnecessary model downloads, data handling, or unexpected processing of user-provided files.

Missing User Warnings

Medium, 96% confidence
The documentation states that the first run downloads a model from HuggingFace or a mirror, but it does not clearly warn that this creates outbound network traffic to a third party. In a data-analysis skill that accepts business sales files, users may reasonably assume fully local processing; missing disclosure can create privacy, compliance, and environment-policy violations when the skill is run in restricted settings.

VirusTotal

64/64 vendors flagged this skill as clean.