Automation Tool

Security checks across malware telemetry and agentic risk

Overview

This is a transparent, instruction-only content automation skill, but users should keep its powerful automation features under explicit control.

Install this if you want a broad writing and content automation helper. Review generated content before sending or publishing, do not run generated scripts unless you understand them, keep API keys and private data out of prompts, and require explicit confirmation for bulk file changes, messages, or scheduled posting.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The activation guidance uses very broad phrases like '帮我写文章' and '生成报告', which are common, ordinary user requests rather than clearly scoped invocations. This can cause unintended skill activation and grant the skill access to higher-risk capabilities such as browser, exec, and read/write in contexts where the user did not explicitly intend to invoke an automation workflow.

Natural-Language Policy Violations

Medium

Confidence: 85% confidence
Finding: The skill description and instructions are written entirely in Chinese and do not offer any language selection or fallback behavior. While not directly a code-execution issue, forcing one language can mis-handle user intent, reduce transparency, and make tool actions or generated outputs harder for users to verify, especially when combined with autonomous browsing and file operations.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal