命题工坊

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a competitive-programming helper with broad activation wording, but no evidence of hidden access, persistence, data theft, or destructive behavior was provided or found.

This looks acceptable to install if you want a Chinese competitive-programming or algorithm-contest assistant. Review or narrow its trigger phrases if you only want it active for OI/CSP/NOI/GESP-style tasks, since broad wording may make it activate for unrelated coding questions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger list includes the very generic phrase "编程题", which can cause this skill to activate for many unrelated coding-question requests outside the intended OI/NOI/CSP niche. Over-broad activation increases the chance of prompt hijacking, unintended routing, or policy bypass by invoking a highly specialized skill in contexts it was not designed to handle.

Vague Triggers

Medium
Confidence: 92%
Finding
The activation section ends with a catch-all condition like "任何算法竞赛题目需求", which is broad enough to match a large class of requests beyond the skill's stated scope. This makes misrouting more likely and can let adversarial users deliberately trigger the skill in unintended contexts, reducing reliability and weakening safety boundaries between skills.

VirusTotal

62/62 vendors flagged this skill as clean.
