拆书素材提炼

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, instruction-only Chinese book-material extraction skill with no executable code, credentials, persistence, or hidden data access.

Install this if you want Chinese book-to-writing-material workflows. Avoid pasting copyrighted full books or sensitive private notes, and review any downstream $deep-writer handoff before using it for publication.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 87%
Finding
The default prompt and short description define the skill in very broad terms: any book, excerpt, reading note, or link can trigger transformation into writing materials, with no exclusions, consent checks, or boundaries around copyrighted, sensitive, or inappropriate inputs. This can cause the agent to over-apply the skill in contexts where summarization, translation, extraction, or rights-sensitive content handling would be safer, leading to misuse or policy drift rather than direct code execution risk.

Natural-Language Policy Violations

Medium
Confidence: 90%
Finding
The prompt hard-requires Chinese output and specific Chinese-form materialization without indicating that this depends on user preference. This can override the user's language choice or downstream system expectations, causing unintended disclosure, usability issues, or incorrect task execution in multilingual environments.

VirusTotal

64/64 vendors flagged this skill as clean.
