Security audit

敏感词筛查-CMT

Security checks across malware telemetry and agentic risk

Overview

This skill locally checks user-selected documents for sensitive words and saves highlighted output, with no evidence of hidden network, credential, or destructive behavior.

Before installing, users should understand that the skill reads the documents they provide and writes highlighted versions to disk. Choose an explicit output folder and keep backups if the original document is in the same folder or already exists at the output path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill clearly instructs the agent to create and save annotated output files, but it does not declare any permissions reflecting file-write capability. This mismatch can undermine permission gating, auditability, and user awareness, especially because the skill processes user-supplied files and writes modified copies to disk.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger list includes broad everyday terms such as '检查' and '审核', which can cause the skill to activate in contexts unrelated to sensitive-word scanning. Over-broad invocation increases the chance of unintended file processing or modification workflows being proposed without the user's specific intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill description explains that it outputs annotated files, but it does not prominently warn users that their documents will be modified or that new marked-up copies will be created. For document-processing skills, insufficient disclosure can lead to accidental handling of sensitive files and unexpected persistence of modified content on disk.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.