Security audit

工具软件教程自动生成器

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it searches for tutorial resources and creates a local HTML tutorial report, with no evidence of hidden credential access, exfiltration, persistence, or destructive behavior.

Install this if you want a skill that automatically researches Chinese-language tutorial sources and writes a single HTML tutorial report. Be mindful that generic tutorial requests may activate it and that it saves the generated report in the workspace root, so check the filename before reusing the same tool name.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence: 95%
Finding
The trigger list includes very generic phrases such as “XX教程”, “XX入门”, and “how to use XX”, which can match many ordinary requests and cause the skill to activate when the user did not intend to invoke it. Over-broad auto-activation increases the chance of unnecessary web searches and file generation, expanding the skill’s authority and side effects without clear user consent.

Vague Triggers

High
Confidence: 96%
Finding
The workflow says to activate immediately whenever any listed phrase appears, with no boundary checks, opt-in confirmation, or context validation. This makes unintended invocation more likely and can lead directly to external searches and writing an HTML file, turning casual mentions into actions with observable side effects.

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill instructs saving a generated HTML file to the workspace root without first warning the user or obtaining explicit consent for the write. Silent file creation is a security-relevant side effect because it can clutter the workspace or overwrite files in ways the user does not expect, and it may be chained with unintended activation to produce unwanted artifacts.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.