Security audit

Morning report tool of the 卓钢链 Ferrous Industry Research Institute

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent futures-news report generator, with expected web fetching and local HTML output but no evidence of malicious behavior.

Install only if you are comfortable with the agent fetching SteelX2 or a URL you provide, creating and opening an HTML report on your Desktop, and producing a report that omits source attribution. Review the generated HTML before sharing, especially because the template contains remote image/link references.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list includes broad phrases such as '生成早报' and '早间新闻' that can easily match ordinary user requests unrelated to this specific skill. In an agent environment, overly broad activation increases the chance the skill runs unexpectedly, causing unintended web access and generation of formatted output without the user explicitly selecting this tool.

Missing User Warnings

Medium
Confidence: 92%
Finding
The README advertises automatic fetching of the latest content from a default external source and generation of an HTML page, but it does not clearly warn that using the skill may initiate outbound network requests or produce renderable HTML artifacts. This can surprise users, create privacy or policy issues around external access, and increase risk if fetched content is untrusted and later embedded into HTML without sanitization.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger list includes broad everyday phrases such as “早间新闻” and “生成早报”, which can cause the skill to activate in contexts the user did not intend. In a skill that performs network fetching and file creation, accidental invocation increases the chance of unexpected external requests and local side effects.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill instructs saving generated HTML to the user's desktop without any notice, consent, or explanation of the local write action. Silent file creation can surprise users, clutter sensitive environments, and create risk if the generated content contains unsafe or untrusted material from external sources.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill automatically fetches content from an external website or a user-supplied URL but does not disclose that network access will occur. Undisclosed outbound requests can expose usage patterns, process untrusted remote content, and increase the risk of fetching malicious or inappropriate data.

VirusTotal

66/66 vendors flagged this skill as clean.