CN Trends Aggregator

Security checks across malware telemetry and agentic risk

Overview

This skill coherently fetches public trend lists from named websites and formats them, with no credential access, file mutation, persistence, or hidden behavior found.

Install if you want a live trend aggregator that makes web requests to the listed public sites. Use named sources or explicit trend requests to avoid accidental activation, and only use a proxy you trust because proxy operators can observe traffic.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger terms include very broad phrases such as "hot," "trending," and "what's popular," which can cause the skill to activate for many generic requests outside the user's intent. Over-broad activation can route unrelated conversations into a network-fetching skill, causing unnecessary external requests, irrelevant output, and reduced user control over when external content is consulted.

Natural-Language Policy Violations

Medium

Confidence: 81% confidence
Finding: The description frames the skill as Chinese-focused and uses Chinese-language context by default without clearly offering a language choice, which can lead to mismatched results or user confusion. In a skill that aggregates external content, this may bias source selection and presentation in ways the user did not request, though it is primarily a UX and policy-scope issue rather than a direct security exploit.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal