知识星球助手

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Knowledge Planet automation, but it can publish posts from a logged-in account without a clear final user confirmation.

Review before installing. Use only with the intended Knowledge Planet account, require the agent to show the target group and exact post content before publishing, and log out or clear the browser session when finished.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger list includes broad everyday terms such as '发帖' and '星球登录', which can cause the skill to activate in contexts the user did not intend, especially when discussing posting or login generically. Because this skill can perform real external actions on zsxq.com, accidental invocation increases the risk of unintended navigation, login flow initiation, or content publication.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The instructions say posting should be completed directly without screenshots and do not warn that this immediately changes content on an external platform. In a skill that automates publishing, lack of explicit user confirmation and visibility before submission can lead to unintended or irreversible posts under the user's account.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal