Jiaopei Skill

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language education-business operations guide with templates and no code execution, credentials, persistence, or hidden behavior.

Install only if Chinese-language education-operations guidance is appropriate for you. Treat the financial, pricing, employment, marketing, and licensing suggestions as general business templates, and verify local education, advertising, labor, and prepayment rules before relying on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 93% confidence
Finding: The skill is written entirely in Chinese with no language selection, fallback, or notice, which can cause users and downstream agents to misunderstand operating guidance, financial advice, compliance cautions, and communication templates. In a business-operations skill, language mismatch increases the risk of silent misuse or unsafe execution of recommendations because critical constraints may not be understood.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal