Back to skill

Security audit

SEO Content Analyzer / SEO 内容分析

Security checks across malware telemetry and agentic risk

Overview

The skill is only a markdown SEO guide, but it embeds unrelated affiliate promotions and provides weak operational scope, so it should be reviewed before install.

Install only if you are comfortable with unrelated promotional links being present in the skill instructions. The artifact does not show malware-like behavior, but the SEO capability is under-specified and the affiliate-style content should be removed or clearly justified before normal use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill claims to perform SEO content analysis, but the documentation includes unrelated VPS hosting and stock/crypto trading promotions. This mismatch is dangerous because it indicates the skill may be used as a distribution vehicle for unsolicited advertising or affiliate monetization rather than its declared function, undermining user trust and increasing the likelihood of deceptive activation or redirection.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The presence of affiliate-style links unrelated to SEO analysis suggests the skill is embedding monetized promotions inside operational documentation. This is dangerous because users or agents may be induced to visit third-party services under the guise of legitimate skill content, creating phishing, spam, reputation, and supply-chain trust risks.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The description is overly broad and does not define when the skill should activate or what inputs and outputs it is limited to. In an agent environment, vague scope increases the chance of inappropriate invocation, unexpected behavior, or abuse through prompt overlap with unrelated tasks.

Vague Triggers

Low
Confidence
72% confidence
Finding
The use-case section describes near-universal applicability without clarifying operational limits or contexts where the skill should not run. This broad framing makes the skill more prone to over-activation and can conceal non-SEO behavior when combined with unrelated promotional material elsewhere in the file.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.