Back to skill

Security audit

LingJi运营工单分析

Security checks across malware telemetry and agentic risk

Overview

This is a local ticket-analysis/reporting skill with privacy caveats, but I found no hidden access, exfiltration, destructive behavior, or automatic sharing.

Install it in a dedicated virtual environment, use only authorized LingJi exports, and treat generated PDFs, terminal output, and the temporary HTML file as confidential. Redact names, ticket identifiers, company details, and incident content before sharing, and prefer approved internal channels over consumer messaging apps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly supports generating and sharing terminal/PDF reports from operational ticket data that includes personal, organizational, and potentially sensitive incident details, yet it provides no warning about data sensitivity, access control, or safe distribution. In this context, omission is risky because users may export and circulate reports through uncontrolled channels such as messaging apps, causing privacy leakage, internal operational exposure, or broader data handling violations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script prints raw operational ticket details for overdue items, including ticket numbers, current handlers, and timeout metadata, directly to stdout. In many environments stdout is captured by terminals, logs, CI systems, or shared consoles, so this can expose internal operational data and personnel information to users who should only see aggregated analytics.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.