Security audit

法律文书生成器 (Legal Document Generator)

Security checks across malware telemetry and agentic risk

Overview

This legal-document skill is not malware, but it makes strong compliance and safety claims while generating high-stakes legal templates without clear limits or review warnings.

Install only if you understand it is a template generator, not a lawyer. Do not sign, submit, or rely on generated divorce, debt, labor, court, or property documents without checking local law and getting qualified legal review. The clean VirusTotal and static scan results reduce malware concern, but they do not validate the legal accuracy or the artifact's self-attested safety claims.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The skill generates legal documents that can directly affect a user's rights, obligations, and litigation posture, but it does not warn users that outputs may be incomplete, jurisdiction-specific, or require qualified legal review. In a legal-document context, omission of this warning can cause users to rely on templates as final legal advice, increasing the risk of harmful filings, unenforceable clauses, or waived rights.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding:
The trigger list contains very broad legal phrases such as '法律文书', '合同模板', and common document names that are likely to appear in ordinary user conversations, which can cause unintended invocation of the skill. In a legal-assistance context, accidental triggering is risky because users may be routed into template generation without clear intent, increasing the chance of inappropriate legal-form output or overreliance on boilerplate documents.

Natural-Language Policy Violations

Severity: Low
Confidence: 87%
Finding:
The description claims the service is '100% compliant' and the metadata includes phrases like '安全替代', 'NOT Suspicious', 'CLEAN', and '已通过...安全审查', which are absolute trust signals without scope, evidence, or limitations. Per the analysis instructions, such self-attesting safety language is a red flag because it can mislead operators or users into overtrusting legal outputs and suppress appropriate scrutiny.

VirusTotal

58/58 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.