Short Play Writer（短剧剧本创作大师）

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only writing skill for short drama and AI comic scripts, with no evidence of hidden access, credential use, persistence, or destructive behavior.

Installers should expect this skill to steer qualifying creative-writing requests toward Chinese short-drama and AI manhua conventions. Review the broad trigger language if you want tighter activation, and treat its market statistics and production advice as creative guidance rather than verified current business data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The auto-trigger rule is overly expansive: it says the skill should trigger even when the user does not explicitly mention short dramas or comics, as long as the request loosely matches related creative characteristics. In an agent environment, this can cause inappropriate skill invocation on generic writing tasks, leading to prompt hijacking of user intent, reduced reliability, and unintended disclosure or application of domain-specific instructions where they were not requested.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal