Security audit

Hotel Procurement Price Monitoring (酒店采购价格监控)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent hotel procurement price-checking skill that uses external searches for price data, with privacy and accidental-trigger caveats but no evidence of hidden or harmful behavior.

Install only if users understand that searched product names may leave the local environment. Avoid entering confidential supplier plans, internal product names, or sensitive cost details, and use explicit procurement-specific prompts to reduce accidental activation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 95%
Finding
The activation phrases include very generic terms such as '多少钱' ("how much does it cost") and '价格查询' ("price lookup"), which overlap heavily with normal conversation and can trigger the skill unintentionally in unrelated contexts. In an agent environment with web access and external data fetching, this increases the risk of unsolicited execution, unnecessary network activity, and accidental disclosure of user intent or queried items to third-party sources.

Vague Triggers

Medium
Confidence: 92%
Finding
The activation phrases include very generic terms such as “多少钱” ("how much does it cost"), “比价” ("price comparison"), and “市场价” ("market price"), which are common in normal conversation and can cause unintended invocation. In a skill that performs web searches and fetches across multiple sources, accidental triggers can lead to unnecessary external requests, confusing responses, and unintended disclosure of user shopping or procurement intent in context sent to tools.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script sends the user-provided product term to an external web search service without clearly warning the user that their input will leave the local environment. If users enter sensitive procurement terms, internal product names, or confidential sourcing interests, this may disclose business-sensitive information to third parties and logs outside the operator's control.

Missing User Warnings

Medium
Confidence: 94%
Finding
This additional search path also transmits the supplied product name to an external service without disclosure or consent. Repeated searches amplify the privacy and confidentiality risk because the same potentially sensitive term is sent to multiple third-party endpoints or logged multiple times.

Missing User Warnings

Medium
Confidence: 95%
Finding
The ecommerce lookup sends the product query externally with no explicit disclosure, which can expose procurement targets, planned purchases, or internal inventory interests. In a hotel purchasing context, such information may reveal pricing strategy or supplier research activity to external providers.

Missing User Warnings

Medium
Confidence: 95%
Finding
The cost-breakdown search is especially sensitive because users may search for commercially confidential products, BOM-related terms, or margin-related intelligence, and this is sent to an external service without warning. That can leak strategic sourcing interests or proprietary analysis topics beyond the system boundary.

VirusTotal

66/66 vendors flagged this skill as clean.