Scifi Writing

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese sci-fi writing helper with no executable code, data access, persistence, or hidden high-impact behavior.

Install this if you want a Chinese-language sci-fi writing assistant. Review the broad trigger wording if you use many writing skills, since it may activate for general sci-fi brainstorming; no evidence shows hidden data access, code execution, persistence, or malicious behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger description is broad enough to match many ordinary requests about science fiction writing, including casual phrasing, which increases the chance of unintended activation. Over-triggering can route users into the wrong skill, causing confusing behavior, policy bypass of intended routing constraints, or accidental disclosure of context to a skill that was not the best match.

Natural-Language Policy Violations

Medium

Confidence: 87% confidence
Finding: The skill is defined entirely in Chinese and does not provide a user-language negotiation path, which can force responses in a language the user did not request. This is primarily a usability and routing safety issue: users may receive content they cannot verify or may misunderstand important output, especially in multi-skill environments where language expectations should be explicit.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal