Security audit

Red Alarm

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Xiaohongshu content-review skill with no code execution, credentials, persistence, or hidden data access.

Install this if you want a Chinese advisory reviewer for Xiaohongshu-style AI content compliance. Treat its conclusions as guidance, not official platform decisions, and avoid pasting sensitive account data unless necessary and redacted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrases are broad, generic requests like '帮我审查这段内容' and '这段内容能发吗', which can match many ordinary user intents outside the narrow Xiaohongshu compliance-review use case. In an agent environment, this increases the chance of accidental invocation, causing the skill to intercept unrelated conversations and apply platform-moderation framing where it was not requested.

Vague Triggers

Medium
Confidence: 95%
Finding
The skill description includes many broad trigger phrases such as '帮我审查这段内容' and '帮我看看这个内容有没有问题', which can overlap with ordinary requests for review, feedback, or editing. This can cause the skill to activate outside its intended compliance-review scope, leading to inappropriate routing, over-collection of sensitive content for moderation analysis, or denial of the user’s preferred handling path.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill unconditionally requires output in Chinese regardless of the user's language or system policy. While not a memory-safety issue, this is a real policy and usability vulnerability because it can override user expectations, break multilingual workflows, and cause policy noncompliance when the surrounding system requires responding in the user's chosen language.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.