Security audit

E-commerce Competitor Price Monitoring System (电商竞品价格监控系统)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: monitor ecommerce competitor prices, with some operational caution around scheduled checks and saved page data.

Before installing or running it, confirm the product URLs, monitoring interval, thresholds, screenshot/storage path, retention period, and how to remove the cron job. Avoid logged-in or private pages unless you are comfortable saving screenshots and page data, and consider site terms and rate limits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrases include broad, common language such as “价格监控”, “竞品分析”, and especially allowing the agent to “主动推荐” the skill, which can cause accidental activation in unrelated conversations. In this skill’s context, misfire is more dangerous because activation can lead to browser access, file writes, screenshots, and scheduled cron tasks without a clearly scoped user opt-in at trigger time.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to take screenshots, save baseline data to a local file, and create recurring cron jobs for continuous monitoring, but it does not clearly warn the user about persistent background activity and local data retention. In this context, the risk is elevated because repeated automated web access and local storage can create privacy, compliance, and resource-consumption issues, especially if users provide sensitive product URLs or do not realize the monitoring continues after the initial interaction.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.