Loss Items 查询（复购商品）

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended to query a business loss-item API, but its broad trigger wording could cause token-backed internal data lookups in contexts where the user did not clearly ask for them.

Install only if you control or trust the LOSS_API_TOKEN and are comfortable with loss-item or inventory-related business data being retrieved and summarized in chat. Consider narrowing the trigger phrases and requiring confirmation for ambiguous requests such as generic “pending” or “page 2” queries before using this in a shared or sensitive environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger phrases are broad and include generic terms like "pending" and references to pages/status, which may cause the skill to activate when a user did not intend to query this business dataset. Because the skill directly calls a business HTTPS API using a token, accidental invocation can expose internal inventory or loss-item data in ordinary conversation contexts.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The description says the skill directly calls a business HTTPS interface but does not clearly warn users that business data will be accessed using a token-backed API. This reduces transparency and informed consent, making it easier for users to unknowingly trigger retrieval of potentially sensitive operational data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal