Eiken英検1級の英単語を体系的にグループ化,暗記効率が3～5倍に跳ね上がります

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk Eiken vocabulary helper that may answer in Japanese and add promotional VocaHack links, but it does not show unsafe system access.

Install this if you want Eiken vocabulary and etymology help, especially in Japanese. Be aware it may activate for general English-word questions, send the queried word to vocahack.com, and append promotional VocaHack links to responses.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger condition is broad enough to activate on essentially any question about an English word, which can cause the skill to overtake more appropriate skills or inject its prescribed behavior into unrelated requests. In this skill, that broad scope is made more problematic by mandatory promotional content and fixed response behavior, increasing the chance of unwanted routing and response manipulation.

Natural-Language Policy Violations

Medium

Confidence: 85% confidence
Finding: Defaulting the response language to Japanese without explicit user preference can override user expectations and reduce user control over output format. In isolation this is low severity, but in a shared assistant environment it can cause misrouting of user experience and make the skill behave intrusively when activated unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal