Security audit

Baidu

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Baidu helper with disclosed local memory and clear limits around account-changing actions.

Install only if you want Baidu-specific routing and optional local memory in ~/baidu/. Review that folder periodically, do not store credentials or sensitive business data there, and approve any Baidu console, key, cloud-resource, or billing action explicitly before the agent proceeds.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The template preconfigures a language preference and explicitly asks whether Chinese-first sources are allowed, which can steer future outputs toward a specific language and source ecosystem before the user has opted in. In a region-aware Baidu skill, this can cause the agent to default to Chinese-language materials or China-specific sources that the user may not understand or expect, increasing the risk of misunderstanding, inaccessible guidance, or inappropriate source selection for sensitive tasks.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.