Back to skill

Security audit

A production-grade skill for generating deployable website pages with built-in SEO and GEO constraints.

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable SEO page-writing skill with disclosed behavior; its main caveats are broad activation and Chinese-by-default output.

Safe to install for SEO/GEO website page drafting. Users should be aware it may activate for many website-copy requests and will produce Chinese output by default unless they explicitly ask for another language; avoid putting confidential launch plans or sensitive competitive details into optional web research prompts unless that is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill’s trigger criteria are unusually broad, including cases where the user does not explicitly request SEO and many generic website-writing tasks. This can cause unintended invocation, which may override more appropriate skills, produce irrelevant outputs, or amplify unsafe instructions at the wrong time. In this context, the issue is operational rather than overtly malicious, but the wide trigger surface increases risk because the skill is designed to take over common content-generation workflows.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The skill mandates Chinese output by default unless the user asks otherwise, which can conflict with user expectations, platform language policies, or downstream workflows expecting another language. This is risky because it silently changes response language without opt-in, potentially degrading usability, causing compliance issues, and creating incorrect outputs for multilingual or non-Chinese contexts. The surrounding skill context makes this more dangerous because it is intended for broad, production-grade website page generation across many ordinary requests.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The contract explicitly states that all page-generation tasks must follow this document and the document is written as a mandatory Chinese-only output specification, with no user-language choice or justified locale restriction. In a general-purpose page-generation skill, this can cause unintended language overriding, producing unusable or misleading outputs for users expecting another language and potentially breaking downstream publishing, review, or compliance workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.