Back to skill

Security audit

daily-gushiwen

Security checks across malware telemetry and agentic risk

Overview

This skill appears to fetch public classical-poetry content from gushiwen.cn, with no evidence of hidden persistence, credential use, destructive behavior, or unrelated data access.

Install only if you are comfortable with the skill making outbound requests to gushiwen.cn when you ask for daily or selected classical-poetry content. Prefer a version that narrows its trigger wording and uses a scoped web-fetch mechanism instead of shell exec, but the reviewed evidence does not justify treating it as malicious or requiring Review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description and trigger semantics are broad enough that the agent may invoke this skill for loosely related requests such as general poetry recommendations, causing unintended network access and responses that do not match user intent. In an agent environment, ambiguous routing can become a security and safety issue because it expands the situations where external content is fetched and emitted without sufficiently clear user consent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The usage section lists incomplete and fuzzy trigger scenarios like '需要获取古诗文网首页的精选内容', which leaves substantial room for interpretation by orchestration logic. This can lead to misfires, unnecessary browsing to a third-party site, and sending scraped content in contexts where the user did not specifically request this skill's behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.