Back to skill

Security audit

Claude Prompt Engineering - 提示词工程大师

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only prompt-engineering skill that openly changes assistant prompting behavior and does not include code, network access, credential use, or destructive actions.

Before installing, read the system-prompt text because it can change how the assistant responds in a session. Keep auto-apply and auto-inject disabled unless you intentionally want this behavior to activate automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • System Prompt LeakageDirect Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger conditions are broad enough to activate on generic phrases like prompt engineering, how to write prompts, or high-quality-demand scenarios, which can cause the skill to run when the user did not explicitly request it. Because the skill can alter assistant behavior and inject additional constraints, unintended activation may override normal interaction patterns and create confusing or unauthorized context changes.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly states that it will inject system-prompt content into the current conversation, but it does not require a prominent user-facing warning or consent at the moment of modification. Silent prompt injection is dangerous because system-level context can materially change assistant behavior, constrain responses, and persist beyond the user's immediate understanding.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.