禁止WPS反复篡改图片文件默认打开方式

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about trying to stop WPS image association changes, but it gives broad destructive PowerShell commands that can alter registry entries, scheduled tasks, and installed application files without strong backup or rollback steps.

Install only if you are comfortable making persistent Windows and WPS changes. Before running any command, export the affected registry keys, list the matched scheduled tasks and files, confirm they are only WPS image-viewer components, prefer renaming or quarantining over deletion, and be prepared to repair or reinstall WPS if normal WPS behavior is affected.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This is a true issue: the skill instructs users to delete registry keys, DLLs, and executable files and disable scheduled tasks, but the warning about recovery impact appears late and is too weak for actions that may be difficult to undo. Even if the goal is legitimate, these steps can break WPS components, require reinstall/repair to recover, and may cause unintended damage if task or file matching is overbroad.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal