Security audit

China-Apparel & Accessories Factory

Security checks across malware telemetry and agentic risk

Overview

This is a local China apparel sourcing reference with read-only helper code, though its bundled data includes supplier email contacts that users should treat carefully.

Install only if you want a local apparel sourcing reference. Independently verify supplier names, certifications, capacities, and email addresses before business use, and do not use the included contacts for bulk outreach or unsolicited campaigns.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The file includes direct supplier contact email addresses even though the skill is described as a general industry guide. This expands the skill from informational content into actionable lead-generation or direct outreach assistance, which can enable unsolicited contact, spam, social-engineering targeting, or misuse of third-party business contact data.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal