通勤生存指南 (Commute Survival Guide)

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent commute helper, but it records a detailed location history on disk, and its privacy statement under-discloses that full license plate numbers are sent to the Amap API.

Install only if you are comfortable sharing commute addresses/coordinates, and optionally license plate numbers, with Amap for route and driving-restriction checks. Treat commute_log.json as sensitive location history: delete it regularly, or ask the agent not to create or update it unless you explicitly want the monthly reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Severity: Medium
Confidence: 98%
Finding
The privacy statement is materially inaccurate because the skill explicitly documents sending full license plate numbers to the external Amap API for restriction checks. License plates are personal data in many contexts, so understating what is transmitted can mislead users into sharing sensitive information without informed consent.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill persistently stores detailed commute history in a local JSON file, including timestamps, origin/destination, coordinates, travel mode, and weather, without a prominent warning or consent at the point of collection. This creates a privacy and safety risk because commute records can reveal home/work locations, routines, and presence patterns if accessed by other local users, malware, or backup/sync systems.
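One way to act on this finding and on the overview's advice to delete commute_log.json regularly, as an added example that is not part of the skill or of this report: a retention and minimization pass that drops old trips, strips the location fields, and keeps only the per-month counts a monthly report needs. The field names (timestamp, origin, destination, coords, mode, weather), the ISO-8601 timestamp format and the default file path are assumptions drawn from the fields listed in the finding; verify them against the real file before running it.

```python
"""Retention and minimization pass over the skill's commute_log.json.

Added example for this report, not the skill's own code. The record
layout (timestamp, origin, destination, coords, mode, weather) is an
ASSUMPTION based on the finding; check it against the real file first.
"""
import json
import os
from collections import Counter
from datetime import datetime, timedelta

# Fields that reveal where someone lives and works (assumed names).
LOCATION_FIELDS = ("origin", "destination", "coords")

# Constructed sample log: three trips over two months, assumed layout.
SAMPLE_LOG = [
    {"timestamp": "2024-05-01T08:02:00+08:00", "origin": "Home",
     "destination": "Office", "coords": [[31.2304, 121.4737], [31.2244, 121.4692]],
     "mode": "subway", "weather": "rain"},
    {"timestamp": "2024-05-20T08:10:00+08:00", "origin": "Home",
     "destination": "Office", "coords": [[31.2304, 121.4737], [31.2244, 121.4692]],
     "mode": "bike", "weather": "clear"},
    {"timestamp": "2024-06-10T18:35:00+08:00", "origin": "Office",
     "destination": "Home", "coords": [[31.2244, 121.4692], [31.2304, 121.4737]],
     "mode": "subway", "weather": "cloudy"},
]


def parse_ts(value):
    """Parse the ISO-8601 timestamps (with UTC offset) the log is assumed to use."""
    return datetime.fromisoformat(value)


# Fixed "now" so the sample run is reproducible.
SAMPLE_NOW = parse_ts("2024-06-15T00:00:00+08:00")


def prune(entries, now, retention_days=30):
    """Keep only trips newer than the retention window."""
    cutoff = now - timedelta(days=retention_days)
    return [e for e in entries if parse_ts(e["timestamp"]) >= cutoff]


def minimize(entries):
    """Strip origin/destination/coordinates; timestamp, mode and weather
    are enough for a per-month breakdown by travel mode."""
    return [{k: v for k, v in e.items() if k not in LOCATION_FIELDS}
            for e in entries]


def monthly_summary(entries):
    """Aggregate trips into (YYYY-MM, mode) -> count. This is all a monthly
    report needs, and it carries no addresses, coordinates or trip times."""
    counts = Counter()
    for e in entries:
        counts[(e["timestamp"][:7], e["mode"])] += 1
    return counts


def rotate_log(path, now=None, retention_days=30):
    """Rewrite the on-disk log with old trips and location fields removed,
    and return the summary of everything it held before the rewrite.
    Writes through a temp file so a crash cannot leave a half-written log."""
    now = now or datetime.now().astimezone()
    with open(path) as fh:
        entries = json.load(fh)
    summary = monthly_summary(entries)
    kept = minimize(prune(entries, now, retention_days))
    tmp = path + ".tmp"
    with open(tmp, "w") as fh:
        json.dump(kept, fh, indent=2)
    os.replace(tmp, path)
    return summary


if __name__ == "__main__":
    import sys
    # Default path is an assumption; pass the real location as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "commute_log.json"
    for (month, mode), n in sorted(rotate_log(target).items()):
        print(f"{month} {mode}: {n} trips")
```

Run it from cron or after each monthly report. Rewriting the file does nothing about copies already taken by backup or sync tools, which is exactly the exposure the finding describes, so exclude commute_log.json from those tools as well.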

VirusTotal

64/64 vendors flagged this skill as clean.
