Security audit

OPC赛事活动追踪 (OPC Competition and Event Tracking)

Security checks across malware telemetry and agentic risk

Overview

This skill is an event-tracking tool that clearly discloses local storage and optional submission of event data to an OPC public event pool.

Install only if you are comfortable storing an OPC API key locally and publishing submitted event information to the OPC public pool. Leave upload disabled if you only want local tracking, and avoid adding private or confidential event sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list includes very broad everyday terms such as “赛事”, “比赛”, and “活动”, which can cause accidental invocation in unrelated conversations. In a skill that can automatically extract data, persist local records, and submit to a public event pool, unintended activation increases the risk of unauthorized collection or publication of information.

Missing User Warnings

Medium
Confidence: 95%
Finding
The README advertises one-click submission to a public event pool and local Markdown/JSON history storage, but does not prominently warn users that their provided links or extracted content may be stored locally and transmitted externally. This weakens informed consent and can lead to accidental disclosure, especially when the skill is triggered from ordinary chat and performs automatic processing.

Vague Triggers

Medium
Confidence: 91%
Finding
Several trigger phrases are broad everyday terms like '赛事', '比赛', and '活动', which can cause the skill to activate on unrelated user conversations. Because the skill can fetch URLs, write local files, and potentially upload to a remote service, accidental activation increases the chance of unintended network actions or data processing.

Vague Triggers

Medium
Confidence: 93%
Finding
The secondary trigger configuration includes 'OPC', which is especially vague and likely to collide with benign mentions of the acronym. In a skill that supports remote queries and uploads, such imprecise triggering can unexpectedly invoke network operations or expose stored API-backed behavior without clear user intent.

Missing User Warnings

Medium
Confidence: 92%
Finding
The workflow explicitly instructs another AI to take a user-supplied X-API-Key and use it in outbound requests to a third-party domain. While API use is the intended feature, the document provides no user-facing consent, no guidance on secure secret handling, and no restrictions on logging, storage, or redaction, which creates a real credential-exposure risk in agentic environments.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script automatically submits newly discovered events to a public OPC endpoint whenever `upload_enabled` and an API key are present, without a per-run or per-item confirmation step. This can cause unintended external data disclosure, surprise network side effects, and unauthorized publication of scraped or incorrectly parsed content, especially because the data originates from remote sources and parser heuristics.

VirusTotal

63/63 vendors flagged this skill as clean.