Security audit

卖家之家 (Cross-Border E-Commerce) Q&A Search

Security checks across malware telemetry and agentic risk

Overview

This is a real MJZJ Q&A integration, but it is labeled mainly as search while also allowing authenticated posting and money-related question fields without clear confirmation safeguards.

Review before installing. Use this only if you intend to let an agent access MJZJ Q&A with your API key, and require explicit confirmation of title, content, categories, anonymity, deadline, images, bountyMoney, and watchMoney before any question is posted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (84% confidence)
Finding
The trigger guidance includes broad natural-language intents such as ‘提问’, ‘搜索问题’, and ‘我的问答’, which can overlap with generic user requests and cause this skill to be selected outside its intended domain. In an agent system, over-broad routing can expose user data to the wrong external service or cause unintended API calls, especially because this skill supports authenticated private endpoints.

Vague Triggers

Medium (87% confidence)
Finding
The interface mapping uses generic phrases like ‘帮我发一个问题’, ‘查找问题’, and ‘我发布的问题’ without sufficiently constraining them to the specific mjzj service. That increases the chance of false activation and unintended use of authenticated actions such as creating a post or retrieving a user's private records from this platform.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.