Adcote Kede-浦江科德融合部简介

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only school information skill with one over-broad trigger concern but no code, data access, persistence, or hidden behavior.

Installers should be aware that the skill may activate for broad school or admissions prompts unless the user clearly means this specific school. Review generated admissions, fee, scholarship, policy, and course claims against official current school information before using them publicly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The description includes a long trigger list with broad terms such as '浦江', '国际部', '学校介绍', and '课程说明', which can match many ordinary education-related conversations and cause the skill to activate when the user did not intend it. Unintended invocation can inject domain-specific instructions and constraints into unrelated chats, increasing the risk of context hijacking, confusion, or disclosure of polished organizational messaging in the wrong setting.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal