分析Excel表中的申报失败信息，自动生成Word版本的申报运维报告，用于定位问题、统计趋势、提出整改建议。

Security checks across malware telemetry and agentic risk

Overview

This skill appears to read a user-chosen Excel file and create a local Word report, with the main caution being possible overwrite of the chosen output file.

Install only if you are comfortable processing the Excel contents in your local agent environment. Choose a specific output_path, check whether the file already exists before running, and treat the generated report as potentially sensitive because it may summarize operational or申报 failure data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill writes a .docx file to a user-specified path and even provides a default output path, but it does not explicitly warn about file creation or possible overwrite behavior. In this context the risk is limited because generating and saving a report is the core purpose of the skill, yet silent overwriting or unexpected writes could still cause data loss or place files in unintended locations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal