avoid-ai-writting-flavor

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only academic-writing checklist with minor scoping and language caveats, but no unsafe code, hidden behavior, or data-access requests.

Install only if you want Chinese-language guidance for academic writing cleanup. Treat citation verification as a manual or trusted browsing step, and avoid sending unpublished manuscripts to external services unless that fits your privacy requirements.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The manifest description is broadly scoped to 'writing, editing, or reviewing academic papers,' which can cause the skill to activate for many normal academic-writing tasks rather than a narrowly defined use case. Over-broad activation increases the chance of unintended invocation, letting the skill steer outputs in contexts where its prescriptive rules may not be appropriate and potentially degrading reliability or user control.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill body is entirely in Chinese while the metadata does not declare a locale restriction or provide an alternative language version. This can cause users or orchestration systems to invoke the skill without understanding its instructions, increasing the risk of misapplication, missed safeguards, or silent failure.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal