Back to skill

Security audit

fortune-master-suanming(算命)

Security checks across malware telemetry and agentic risk

Overview

This is mostly a text-only fortune-telling skill, but it needs Review because it expands beyond its stated BaZi scope and gives under-scoped guidance on sensitive life areas.

Install only if you are comfortable with a broad metaphysical-advice skill, not just BaZi analysis. Avoid entering unnecessary identifying details, do not provide another person’s birth data without consent, and do not rely on the output for medical, financial, legal, safety, relationship, or life-planning decisions. Use a no-network mode or ask the agent not to browse when sharing sensitive birth information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (23)

Description-Behavior Mismatch

High
Confidence
96% confidence
Finding
The guide materially expands the skill from Bazi/Four Pillars analysis into tarot, divination, compatibility matching, and feng shui, creating capability drift beyond the stated manifest scope. This is dangerous because users and host systems may rely on the declared scope for trust, review, and permission boundaries, while the broader instructions invite handling additional sensitive inputs and producing unreviewed advisory content.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The file instructs the agent to perform network research and validation despite the manifest describing a domain-analysis skill rather than a web-research or data-sharing tool. This is risky because it can cause uncontrolled retrieval, external transmission of user-derived details, and reliance on untrusted online sources without a defined trust, privacy, or permission model.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The framework explicitly instructs the skill to perform network-assisted research, which expands behavior beyond a self-contained Bazi interpretation skill into external data access. That creates unnecessary data exposure and capability creep, especially if users provide birth time, birthplace, gender, or chart screenshots that could be transmitted to third-party services during lookup.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
Looking up books, scholars, and similar example cases is not necessary for delivering the advertised fortune-analysis function and introduces unjustified external access. In context, this could leak sensitive personal inputs and also enable unbounded retrieval behavior that is hard for users to anticipate or audit.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The document materially broadens the skill from the declared BaZi/Four Pillars scope into six-yao divination, physiognomy, feng shui, Qimen Dunjia, Da Liu Ren, date selection, and related metaphysical services. This creates a scope mismatch that can mislead users and downstream systems about what the skill is authorized to do, increasing the chance of unsafe or unreviewed advice being delivered under a narrower manifest.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The documented workflow explicitly instructs the system to incorporate feng shui and timing/date-selection steps, which exceed the stated BaZi-only purpose. Embedding out-of-scope actions in the core analysis pipeline makes the scope expansion operational rather than incidental, so users may receive recommendations that were never transparently declared or separately assessed.

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The document explicitly requires quotations to be accurate and non-fabricated, yet it also contains placeholder citations such as “卷 X” and several example quotations presented in a way that could be mistaken for authoritative direct quotes. In a skill whose value depends on citing classical sources as evidence, this creates a reliability and integrity risk: downstream outputs may reproduce fabricated or unverifiable citations as if they were genuine.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The file declares a safety boundary forbidding predictions about disease, death, or absolute events, but the framework elsewhere repeatedly instructs health-related inference and concrete year-by-year health event forecasting. That contradiction weakens safeguards and can lead the skill to generate medical-sounding advice or alarming health predictions despite the stated limit, increasing user harm in a fortune-telling context.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The FAQ explicitly claims support for divination systems such as 紫微斗数、塔罗、西方星盘、数字命理、奇门遁甲、六爻卦象 and 风水建议, which exceeds the declared skill scope of BaZi/Four Pillars analysis. This creates a scope-integrity problem: users and orchestrators may invoke the skill for capabilities it was not declared or reviewed for, increasing the risk of unsafe outputs, policy bypass by capability creep, or misrouting sensitive requests.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The theory-stack section states the skill integrates multiple traditional systems beyond the advertised BaZi specialization, including non-BaZi frameworks. That mismatch can mislead users and any agentic routing logic about what the skill is authorized to do, expanding operational scope without corresponding governance or safety review.

Description-Behavior Mismatch

High
Confidence
96% confidence
Finding
The routing instructions explicitly broaden the skill from its declared 八字/四柱 scope into many unrelated divination systems such as 塔罗、紫微斗数、西方星盘 and 风水. This creates a scope-integrity problem: upstream systems or users may trust the manifest description, but the skill behavior can silently collect data and provide guidance outside the approved domain, weakening policy enforcement, auditing, and user consent around what the skill actually does.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The template instructs the model to use '联网验证' for theory and case supplementation, implying network use that is not justified by the stated Bazi-analysis skill scope. If the runtime has browsing or retrieval capabilities, this can expand the trust boundary, cause unvetted external content to influence outputs, and create privacy/compliance risks if user-provided divination details are sent to external services.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The file gives deterministic health, disease, injury, and disaster assessments such as likely organ problems, surgery risk, and bloodshed risk, but provides no warning that this is not medical advice. In a fortune-telling skill, users may still act on these outputs, delay proper care, or experience unnecessary fear because the guidance is framed as concrete yearly risk analysis.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document includes explicit financial outcome guidance such as income growth, investment profit/loss expectations, and advice to increase investment, without any warning that it is not financial advice. Because the skill presents these as structured annual predictions, users could make real spending or investment decisions based on unsupported claims and suffer monetary loss.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The template predicts legal disputes, imprisonment risk, accidents, and disasters as if they are assessable outcomes, yet provides no caution against relying on this content for legal, safety, or life decisions. This can cause harmful behavior changes, panic, or avoidance of proper legal and safety guidance, especially when the output sounds authoritative and personalized.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The networking/search guidance omits any privacy notice or restrictions on what user data may be sent externally while encouraging searches for similar cases and theory validation. In this skill context, inputs like birth date, time, place, and relational details are highly sensitive, so externalizing them can expose personal information and enable profiling or reidentification.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guide asks for both parties' complete birth information for compatibility analysis but provides no warning, minimization rule, or handling policy for this sensitive personal data. In context, birth date, time, place, and paired relationship data materially increase privacy risk because they are highly identifying and can be combined for intimate inference about individuals who may not have consented.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guidance tells the agent to query external sources but provides no user-facing warning that personal information may be shared outside the skill. Because this skill may process highly identifying birth data and uploaded chart materials, silent network use creates a meaningful privacy risk even if the content being fetched is only reference material.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file encourages concrete judgments about career, wealth, marriage, health, timing, and other consequential life matters without any warning that the content is non-evidence-based, should not be relied upon for major decisions, or may cause harm. In this context, users could be steered toward harmful personal, financial, relational, or health choices based on authoritative-sounding but unvalidated guidance.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The FAQ says users can issue broad phrases like '帮我看看今年的运势' and that the skill will '自动判断资料完整度,启动相应的分析流程'. This lowers invocation specificity and may cause the skill to activate on common conversational phrasing, leading to unintended use, over-collection of personal data, or accidental engagement in sensitive advice contexts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The FAQ requests highly sensitive personal data such as full birth date/time, gender, and birthplace, which can be used for profiling and identity correlation, but the collection prompt itself does not include an immediate privacy warning or minimization guidance. Although a later disclaimer mentions privacy, it is too far removed from the collection point to provide meaningful informed consent at the time of data entry.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The reference includes health-related claims such as linking weak elements to specific organs or conditions (for example lungs, liver/gallbladder, kidneys, cardiovascular system, spleen/stomach) without any disclaimer that this is not medical advice. In a divination/fortune-telling skill, users may wrongly treat these outputs as health guidance and delay seeking proper medical evaluation, making the context more concerning rather than less.

Missing User Warnings

Low
Confidence
93% confidence
Finding
This file provides structured fortune-telling content that makes predictive and quasi-diagnostic claims about marriage, health, accidents, finances, legal trouble, and life outcomes, but it does not present clear uncertainty language or a user-facing disclaimer that the material is interpretive, non-scientific, and not professional advice. In this skill context, the absence of caution is more concerning because the framework is designed for authoritative, detailed personal analysis, which can cause users to over-trust outputs and make decisions about health, relationships, or finances based on unverifiable claims.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.