Security audit

Carrier Three-Element Verification - Juhe Data

Security checks across malware telemetry and agentic risk

Overview

This skill performs the advertised identity check, but it handles highly sensitive identity data in ways users should review carefully before installing.

Install only if you have a legitimate need and consent to send the person’s identity data to Juhe. Prefer the script’s POST flow and environment-variable key storage, avoid the GET URL and command-line secrets, and remove or mask the raw JSON output before normal use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

High
Confidence: 98%
Finding
This section instructs the agent to collect a user's phone number, real name, and government ID number and transmit them to a third-party verification service, but it provides no explicit privacy warning, consent step, retention guidance, or third-party disclosure notice. Because these are highly sensitive personal identifiers, collecting and sending them without transparent notice materially increases privacy, compliance, and abuse risk.

Missing User Warnings

High
Confidence: 99%
Finding
The direct API example places a real name, ID card number, mobile number, and API key in a GET URL, which is commonly logged by shells, proxies, servers, browser history, and monitoring tools. Exposing identity data and credentials in query strings creates an unnecessary leakage path for both user PII and service secrets.

Missing User Warnings

High
Confidence: 97%
Finding
The script sends highly sensitive personal data including name, mobile number, and optionally national ID number to a third-party API. In this skill context, that data is exactly the core payload, but the code provides no explicit consent flow, privacy warning, retention notice, or indication that the data leaves the local environment, which creates a real privacy and compliance risk.

VirusTotal

67/67 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.