医疗设备问题报告生成器

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local template generator for medical-device issue reports, with only a minor risk of triggering too broadly.

Before installing, be aware that generic trigger phrases may activate the skill when you are merely discussing issue reports. For medical or customer defect details, avoid including patient identifiers or sensitive field data unless your workflow permits it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list includes very generic terms such as '问题报告', '缺陷报告', and 'bug 报告', which are likely to appear in ordinary user conversation and can cause unintended skill activation. In a medical-device workflow, accidental invocation can misroute user intent, generate incorrect formal reports, or capture sensitive defect details in the wrong context, increasing operational and compliance risk.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation keyword "问题报告" is broad enough to match ordinary user requests for general help writing or discussing issue reports, which can cause the skill to trigger unexpectedly. In this context, unintended activation could route unrelated medical-device defect discussions into an automated reporting workflow, creating confusion, privacy exposure, or incorrect operational use in a regulated environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal