Back to skill

Security audit

cn-content-remix

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese content-remix helper with a small remote API lookup script, but users should avoid sending sensitive drafts to its undocumented external API.

Install only if you want API-assisted Chinese platform content remix guidance. Use the script for platform-rule lookup with awareness that it contacts a Tencent Cloud Function endpoint, and do not submit confidential, client, regulated, or unpublished business content to the API unless the publisher documents data handling and you accept those terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill claims to perform content rewriting, platform-specific generation, and compliance checking, but the described implementation appears limited to exposing rules and an API backend without actually delivering the promised safeguards. This mismatch can mislead users into trusting outputs as compliant or transformed when no such validation occurs, creating downstream legal, privacy, and business risk.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill advertises a real external API backend and a CLI script but does not warn that user-provided content may be transmitted to a remote third-party service. Because the skill is designed to process arbitrary articles, product descriptions, and marketing copy, users may unknowingly send sensitive or proprietary content off-platform, creating confidentiality, compliance, and data-governance exposure.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The script performs outbound network requests to a hardcoded external endpoint without any user-facing notice, consent prompt, or offline alternative. In an agent-skill context, undisclosed network access can leak usage patterns and surprise operators who expect local-only behavior, especially when the manifest emphasizes content processing features.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.