Master Content Writer

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable writing template for Chinese social-media drafts, with only minor scope and metadata notes.

Install only if you want help drafting Chinese social-media content. Be aware that ambiguous writing prompts may produce platform-style Chinese drafts, and verify the package identity because the metadata slug/version does not perfectly match the SKILL.md.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The activation triggers include generic phrases like '写文章', 'generate content', and 'create article', which can match many ordinary writing requests unrelated to Chinese social-media drafting. In agent environments, overly broad auto-activation can cause the skill to intercept prompts outside its intended scope, leading to incorrect behavior, unwanted steering toward platform-specific output, and possible policy bypass through tool misrouting.

Natural-Language Policy Violations

Medium

Confidence: 76% confidence
Finding: The skill description hard-codes Chinese social-media output without stating that language and locale should be confirmed with the user. This can cause the agent to override user expectations or route content generation into a specific language/market context by default, which is a scoping and consent issue, though not typically a severe security flaw by itself.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal