Security audit

Zhihu Geo Draft Assistant

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly transparent and locally scoped, but it includes guidance for making brand content less detectable as marketing on Zhihu.

Install only if you will use it for human-reviewed, disclosure-compliant drafting. Do not use the no-ad rewrite flow to hide sponsorship, evade Zhihu moderation, or make promotional content look independent. Review every generated draft for factual accuracy, required disclosures, and platform rules before manually publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

High (99% confidence)
Finding
This prompt explicitly instructs rewriting branded marketing content into a 'pure' version for cases with 'high ban risk' or low-account trust, specifically to avoid being folded or classified as marketing content. That is ad-evasion guidance aimed at bypassing platform moderation and disclosure signals, which can enable deceptive promotion and policy circumvention.

Missing User Warnings

Low (95% confidence)
Finding
The prompt instructs the agent to write to a fixed workspace path without any user confirmation or safety note. In agent environments with file-write capabilities, this can cause unintended file modification or overwrite behavior, especially if the user did not explicitly request filesystem changes.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.