Short Drama Market Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only short-drama market-analysis helper with a minor scope issue in broad trigger words, not evidence of harmful behavior.

Safe to install from an agentic-security perspective. Be aware it may activate for broad Chinese phrases like market analysis, and its market numbers or platform-policy claims should be verified against current authoritative sources before making business decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list includes broad terms like '市场分析' and '热门作品分析' that are common, generic user intents and can cause this skill to activate outside its narrowly intended domain. Over-broad activation increases the chance the skill is invoked on unrelated requests, leading to incorrect routing, unintended file access within the skill context, or misleading market-analysis output when a different skill should handle the task.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal