AI Trend Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed AI-industry research skill that makes narrow read-only API requests with a configured token, with no evidence of hidden persistence, destructive behavior, or unrelated data access.

Install this only if you are comfortable configuring a JQZX API token and sending AI-industry search queries to the disclosed service. Keep the token revocable, avoid confidential query terms, and verify the BASE_URL is the intended provider endpoint before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The workflow instructs the agent to use 'LLM memory' to expand search keywords, which directly contradicts the stated prohibition on relying on model memory for factual AI-industry answers. This inconsistency weakens safety boundaries and can cause the agent to introduce hallucinated or unverified terms into retrieval, contaminating evidence chains and undermining traceability.

Vague Triggers

Medium
Confidence: 91%
Finding
The skill claims mandatory use for essentially any AI-industry question and forbids answering from general model capability, creating an overly broad activation scope. In a multi-skill or assistant environment, such blanket routing can override user intent, force unnecessary external data access, and increase privacy, availability, and prompt-routing risk.

VirusTotal

65/65 vendors flagged this skill as clean.
