Security audit

intimate-ch09-sexuality

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language study aid for a textbook chapter on sexuality, and the package contains only educational markdown files with no hidden actions or system access.

Install this only where Chinese-language educational discussion of sexuality and intimate relationships is appropriate. It should not be treated as medical, legal, trauma, or emergency guidance; those situations should go to qualified professionals or local emergency resources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 89% confidence
Finding: The file’s usage instructions explicitly prescribe Chinese-language behavior for the skill flow without indicating that this should depend on the user’s language preference. This can degrade user autonomy, accessibility, and policy compliance by causing the agent to respond in a forced language even when the user did not opt in, though it does not directly create a code-execution or data-exfiltration risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.