JD Shopping

Security checks across malware telemetry and agentic risk

Overview

This JD shopping skill is clearly scoped to product research and cart preparation, with checkout, payment, login, and credential handling reserved for the user.

Install only if you are comfortable letting the agent browse JD pages and, after your explicit confirmation, add or adjust cart items in a browser session where you logged in yourself. Do not let it handle login codes, passwords, address selection, checkout, order confirmation, or payment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 92%
Finding
`allow_implicit_invocation: true` enables the shopping skill to be auto-selected without clear trigger boundaries, which can cause the agent to activate in broader contexts than the user intended. Because this skill can browse products, inspect listings, and prepare carts in a logged-in browser session, ambiguous invocation increases the risk of unintended commercial actions, privacy exposure, or user-confusing behavior even if checkout is excluded.

VirusTotal

64/64 vendors flagged this skill as clean.
