Security audit

Telecom Visit Prep

Security checks across malware telemetry and agentic risk

Overview

This is a coherent sales visit-prep skill that uses expected web search and optional report export, with privacy and file-writing cautions but no evidence of hidden or harmful behavior.

Install this if you need China Telecom enterprise visit-prep reports. Use trusted search/MCP providers, use scoped API keys, avoid entering confidential non-public customer details, verify generated facts before sharing, and be deliberate before exporting .docx files or adding the skill to persistent project instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium (93% confidence)
Finding
The README states there is no data exfiltration because the skill runs locally, but the documented workflow depends on external web search services and API-backed MCP servers. This can mislead users into sharing sensitive enterprise data under false assumptions about privacy boundaries, increasing the risk of unintended disclosure to third-party services.

Vague Triggers

Medium (89% confidence)
Finding
The trigger phrases are broad, common business-language terms and could cause the skill to activate in situations where the user did not intend enterprise profiling, web searching, or report generation. In an agent environment with automatic skill routing, over-broad activation can lead to unnecessary external searches, unintended data collection, or actions being taken under the wrong workflow.

Missing User Warnings

Medium (94% confidence)
Finding
The skill instructs the agent to generate and save a .docx file to the current working directory after a simple 'yes' response, without a clear upfront warning that local file creation will occur or where the file will be written. In environments with shared workspaces, sensitive projects, or automated execution, this can result in unexpected artifact creation, data leakage, or modification of the local filesystem without sufficiently informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.