Security audit

Jiaoyifu Workplanning

Security checks across malware telemetry and agentic risk

Overview

This is a planning-document skill that discloses its markdown file workflow and shows no evidence of hidden access, exfiltration, destructive behavior, or credential use.

Install only if you want a structured planning/report workflow that creates local markdown files. Use a dedicated project folder, confirm the directory before allowing writes, and avoid including sensitive business data unless you intend it to be saved or uploaded to Coze.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrases are very broad, generic planning terms that are likely to appear in ordinary user requests. This can cause the skill to activate unexpectedly and steer unrelated conversations into this skill’s workflow, creating prompt-routing confusion and increasing the chance of unintended file-writing or workflow side effects described elsewhere in the skill.

Missing User Warnings

Medium
Confidence: 95%
Finding
The README states that each module is immediately written to a .md file, but it does not clearly warn users that the skill may modify files as part of normal operation. Undisclosed file writes reduce user awareness and consent, and in combination with broad triggers can lead to unexpected persistence of potentially sensitive planning content in the workspace.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger examples include a catch-all phrase like "xxx方案", which can cause the skill to activate for many unrelated requests that merely contain the word "plan/proposal." In an agent environment, overly broad routing can override a more appropriate specialized skill, producing incorrect outputs or causing an unintended file-writing workflow to begin.

Vague Triggers

Medium
Confidence: 92%
Finding
The keyword list is broad and unconstrained, with common business terms such as work planning, reporting, review, growth strategy, and goal decomposition. Because there are no exclusion conditions or disambiguation thresholds, the skill may trigger on a wide range of ordinary conversations and route users into a rigid planning workflow that is not appropriate for their request.

VirusTotal

65/65 vendors flagged this skill as clean.
