去 AI 味内容引擎

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Chinese writing helper for making drafts sound less AI-like, with no code execution, credentials, persistence, or posting authority.

Safe to install as a writing aid. Users should verify that any added personal details, numbers, sources, or claimed experiences are true, and should disclose AI assistance when platform rules or audience expectations require it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger phrases are broad enough to match ordinary writing requests such as rewriting, humanizing tone, or platform optimization, which can cause the skill to activate outside the user's intended context. This is dangerous because it can silently override a more appropriate agent behavior, leading to prompt-routing errors, unintended content transformation, and reduced user control over outputs.

Natural-Language Policy Violations

Medium

Confidence: 76% confidence
Finding: The skill is written to operate entirely in Chinese and does not provide a mechanism to preserve or negotiate the user's preferred language. This can cause unintended language switching, user confusion, or policy/compliance issues in multilingual environments where output language must remain consistent with user input or system expectations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal