Algorithm Learning Platform Builder | 算法学习平台构建助手

Security checks across malware telemetry and agentic risk

Overview

This is a coherent educational skill for building interactive algorithm learning pages, with only normal disclosure caveats around broad routing and CDN-loaded demo libraries.

Installers should expect this skill to generate structured algorithm explanations and optional runnable HTML demos. Review generated HTML before publishing it, and replace CDN scripts with pinned local copies if offline use, strict privacy, or supply-chain control matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding: The skill description is extremely broad and can be invoked for many generic planning, content-generation, or educational requests beyond a narrowly scoped algorithm-teaching use case. Overly broad routing increases the chance this skill is selected in unintended contexts, which can expose internal references, generate unnecessarily complex code/HTML, or bypass safer domain-specific skills.

Direct Prompt Extraction

High
Category: System Prompt Leakage
Content:
- `references/request-routing-rules.md`
- `references/output-quality-checklist.md`

# Output rules

## For planning requests
Output should include:
Confidence: 83%
Finding: Output rules

VirusTotal

64/64 vendors flagged this skill as clean.
