Vague Triggers
Medium
- Confidence
- 89% confidence
- Finding
- 触发词“定时任务”过于宽泛,容易在用户只是泛泛询问调度概念、查看信息或讨论计划时误触发该 skill。该 skill 能执行添加、启停、运行任务等会改变系统状态的操作,因此误调用可能导致未预期的任务管理或数据库调度行为。
Security audit
数据库调度工具
Security checks across malware telemetry and agentic risk
Overview
This database scheduling skill appears legitimate, but it gives an agent broad database task and daemon control without enough confirmation or scoping safeguards.
Install only if you intend to let this skill manage database backups, scheduled jobs, workflows, and scheduler daemons. Before use, require the agent to confirm the exact database, task or workflow name, schedule, command to run, expected impact, and how to stop or remove any recurring automation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)
Vague Triggers
Medium
- Confidence
- 93% confidence
- Finding
- 规则“当用户提到以下关键词时,使用此skill”仅基于关键词匹配,缺少对上下文、目标数据库、只读/写入意图和风险级别的范围限制。由于该 skill 不仅查询日志,还支持备份、启停守护进程、创建并提交工作流,模糊激活会放大误执行高影响操作的概率。
Missing User Warnings
Medium
- Confidence
- 91% confidence
- Finding
- 文档描述了会影响系统状态的操作,如添加/删除/启停任务、启动/停止守护进程、立即运行任务和提交工作流,但未要求用户确认、未提示副作用,也未区分只读和变更路径。若代理按文档直接执行,可能造成计划任务变更、资源占用、生产备份触发或服务中断,尤其在数据库和调度场景下后果更严重。
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.