Security audit

门店目标追踪分析

Security checks across malware telemetry and agentic risk

Overview

This skill appears useful for store BI analysis, but it can access broader business data than its stated store-level scope clearly discloses.

Review before installing. Only use this skill where the operator is authorized to access the BI API and organization-wide metrics, and prefer limiting it to store-level data unless broader city, province, region, or group analysis is explicitly intended.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The skill advertises store target tracking, but the implementation can query city, province, region, and group BI data as well. This expands access beyond the declared scope and can expose broader business intelligence through an interface users may reasonably assume is limited to store-level analysis, creating an over-privilege and data minimization issue.

Missing User Warnings

Medium

Confidence: 82% confidence
Finding: The skill performs network retrieval of BI data without any user-facing disclosure or consent cue. In an agent setting, silent outbound data access can surprise users, obscure data provenance, and increase the risk of unauthorized or unintended access to sensitive operational metrics.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.