App外包

Security checks across malware telemetry and agentic risk

Overview

This is a plain Chinese-language business checklist for app outsourcing and does not ask the agent to access data, run commands, or change anything.

Install this only if you want a Chinese-language checklist for app outsourcing monetization. Treat the business advice as general guidance and independently verify contracts, taxes, platform policies, copyright, advertising claims, and client-delivery obligations before acting on it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description is broad ('当你计划从事或优化App外包时调用'), which can cause the agent to invoke this skill in loosely related situations. Over-broad triggering increases the chance of irrelevant or unintended activation, potentially polluting responses, bypassing better-matched skills, or causing the agent to follow business-growth guidance outside the user's actual intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal