公文格式转换
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Chinese document-formatting skill that reads user-selected documents or folders and writes formatted DOCX/config outputs without hidden network, credential, or persistence behavior.
Install if you are comfortable letting the skill read the files or folders you explicitly pass to it and create formatted DOCX copies. Avoid pointing it at broad private directories unless you want recursive processing, review generated documents before relying on them, and use normal caution with untrusted legacy Office files because local Office or LibreOffice may open them during conversion.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.