Business Operations Q&A Assistant

Security checks across malware telemetry and agentic risk

Overview

This is an offline FAQ knowledge-base helper whose local file access and deletion command match its stated purpose, with some usability cautions.

Before installing, decide where the FAQ database should live, avoid importing sensitive business or customer data unless it is meant to be reused in answers, export backups before using remove, and invoke write/delete commands only when explicitly managing the FAQ knowledge base.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 84% confidence
Finding
The description includes broad triggers like 'add FAQ entries,' 'search FAQs,' and 'answer common questions from a knowledge base,' which can match many ordinary user requests and cause the skill to activate when not clearly intended. Over-broad activation increases the risk of accidental tool use, unintended file modifications, or disclosure of stored FAQ content in contexts where the user did not mean to invoke this skill.

Missing User Warnings

Medium, 93% confidence
Finding
The documentation advertises a destructive `remove <id>` command without any warning, confirmation step, or recovery guidance. In an agent-driven workflow, that makes accidental or mis-triggered deletion more likely and can permanently remove knowledge base entries, harming service quality or business operations.

VirusTotal

66/66 vendors flagged this skill as clean.
