55海淘返利助手

Security checks across malware telemetry and agentic risk

Overview

This is a simple Chinese-language 55haitao cashback and coupon helper with no executable code or hidden system access.

Reasonable to install if you want a Chinese-language 55haitao cashback helper. Before using rebate links or coupon information, verify merchant URLs, rebate rates, coupon validity, withdrawal terms, and whether links are affiliate or referral links.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list includes broad shopping-related phrases such as '海淘返利' and '海淘优惠' that can match ordinary user requests about overseas shopping deals, causing the skill to activate when the user may not specifically intend to use this tool. Overbroad activation can route unrelated queries into a commercial cashback workflow, increasing the risk of unintended promotion, irrelevant responses, or misuse of user shopping intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal