Back to skill

Security audit

KingOfZhao Decision Framework

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only decision-making framework with disclosed memory/recordkeeping guidance and no evidence of hidden execution, credential access, exfiltration, or destructive behavior.

Install this if you want a Chinese-language structured decision framework. Review the heartbeat and decision-memory behavior so any daily review or local record creation happens only when you intend it, especially if your agent has persistent memory enabled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The heartbeat instructions are broad and event-like ('check whether there is new input to process' and 'daily: organize memory, update cognition state') without clear trigger boundaries, source restrictions, or user-initiated conditions. In an agent system, this can cause unintended invocation or background processing of inputs and memory updates, which may expand the skill's authority or make it act on stale or unrelated data.

Natural-Language Policy Violations

Medium
Confidence
85% confidence
Finding
The operational text is written only in Chinese and effectively fixes the skill's control instructions to that language, without indicating user preference or multilingual fallback. This can cause misalignment with users or orchestrators expecting another language, increasing the chance of incorrect execution, missed review, or unsafe assumptions about what the skill is doing.

Natural-Language Policy Violations

Medium
Confidence
89% confidence
Finding
The file is written only in Chinese and does not provide a language choice, translation, or documented locale restriction. In a verification/protocol document, this can cause reviewers, operators, or downstream safety tooling to misunderstand approval status or miss important constraints, weakening governance and review quality rather than creating direct code-execution risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.