Back to skill

Security audit

66天成为优秀班主任 · 跟 Estelle 学

Security checks across malware telemetry and agentic risk

Overview

This is a teacher-coaching skill with a simple local helper script and no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Reasonable to install if you want classroom-management coaching in Chinese. Be aware that the skill may activate on broad stress-related wording, so for non-school stress or mental-health support you should ask the agent to use a more appropriate skill or context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The auto-activation criteria are broad and keyed to common phrases like '累', '压力大', and '不知道怎么管学生', which can appear in many ordinary conversations. This can cause the agent to invoke the skill outside the user's intent, leading to inappropriate guidance, context hijacking, or suppression of more relevant skills in sensitive education or mental-health-adjacent scenarios.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.