
Security audit

Software Data Admapix Raw Developer Helper

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper skill with overly broad activation wording, but no evidence of hidden execution, credential access, persistence, or data exfiltration.

Installing this skill appears low risk from a security standpoint, but users should be aware it may activate for unrelated software or data requests because its trigger terms are too broad. Prefer explicit invocation by skill name when you actually want AdMapix-style workflow help.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad and partly generic, which can cause the skill to activate for loosely related requests rather than clear AdMapix/raw-data workflow needs. In an agent ecosystem, overbroad routing can misdirect user tasks, expose the skill in unintended contexts, and increase the chance that downstream instructions or automations are applied where they do not fit.

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger phrases are so broad and generic that normal user requests can unintentionally activate this skill, causing routing collisions and unexpected behavior. In an agent ecosystem, this can redirect unrelated conversations into the wrong workflow, increasing the chance of unsafe or confusing automation decisions.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
Mixing English-centric trigger phrases into a Chinese README without clear language handling can cause misfires, inconsistent invocation, and user confusion about how the skill is meant to be activated. While not directly enabling code execution or data exfiltration, it weakens activation precision and can compound the broad-trigger problem in multilingual environments.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description and activation guidance are broad enough to match many ordinary software or data requests, which can cause the skill to trigger outside its intended scope. Overbroad activation increases the chance that users receive irrelevant or lower-safety guidance, and in agentic systems it can route tasks to the wrong workflow without clear user intent.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The keyword list contains highly generic terms like 'raw', 'data', 'layer', and 'bug fix', which overlap with a wide range of benign everyday requests. In a skill-routing environment, these generic triggers can cause excessive false activations, misrouting user tasks and potentially exposing them to inappropriate actions or assumptions from this skill.

Vague Triggers

Low
Confidence
85% confidence
Finding
The example trigger sentences are malformed and do not establish clear activation boundaries, making it harder for maintainers and routing logic to distinguish intended from unintended use. While not directly exploitable like code execution, ambiguous examples reinforce overbroad matching behavior and increase operational misfires.

Vague Triggers

Medium
Confidence
94% confidence
Finding
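The trigger keywords include highly generic terms such as `raw`, `data`, `layer`, and `apps`, which can easily be triggered by mistake in ordinary software/data conversations unrelated to this skill. False triggering broadens the skill's scope of application, causing the agent to enter this workflow without clear user intent, which may lead to incorrect guidance, context pollution, or bypassing a more suitable dedicated skill.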

Vague Triggers

Medium
Confidence
92% confidence
Finding
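The skill description defines the activation condition as the user raising `software-and-data, admapix, raw, data, layer` or any need for "practical workflows, artifacts, checklists, analysis, or implementation support", a boundary that is clearly too broad. Such a condition covers almost a large number of common development-consultation scenarios, causing the routing system to frequently mismatch this skill and increasing the risk of irrelevant intervention, incorrect advice, and permission/capability mismatch.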

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default prompt includes a very broad natural-language trigger phrase and the policy allows implicit invocation, which increases the chance that ordinary user requests will unintentionally activate this skill. In practice, this can cause prompt-routing confusion, unexpected tool behavior, and accidental exposure of the skill’s instructions in contexts where the user did not intend to invoke it.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger sentence starts with a very common phrase, "Help me," which creates a high risk of accidental skill activation in unrelated conversations. In an agent-routing context, overly broad triggers can misroute user requests, causing the wrong skill to run, exposing irrelevant internal workflows, or bypassing more appropriate safeguards and intent checks.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger guidance is broadly worded and lacks clear activation boundaries, so many general software-help requests could incorrectly match this skill. Ambiguous routing criteria increase the chance of unintended invocation, which can degrade reliability and potentially route sensitive or safety-relevant requests into a workflow not designed for them.

VirusTotal

62/62 vendors flagged this skill as clean.
