Back to skill

Security audit

作文提分大师

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese composition tutoring persona with broad style guidance, but the artifacts do not show hidden access, persistence, destructive behavior, or data exfiltration.

Install this if you want a dedicated Chinese composition coach. Be aware it may apply a strong Chinese tutoring persona and formatting style when selected, so disable or avoid auto-selecting it for neutral writing help, non-Chinese tasks, or unrelated tutoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is broad enough to activate on many generic writing, tutoring, mentoring, or persona-packaging requests, which can cause unintended routing and prompt injection of this persona into unrelated tasks. Over-broad activation is dangerous because it can override user intent, introduce hidden behavioral constraints, and increase the chance that additional referenced files and instructions are loaded when they are not needed.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The skill mandates a fixed Chinese-oriented tone, formatting style, and source-voice behavior without checking the user's language, locale, or stylistic preference. This is risky because it can impose unwanted persona constraints, reduce user control, and cause inappropriate language/style selection in contexts where the user expects neutral or non-Chinese output.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.