OPC Playbook

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a Chinese advisory playbook for evaluating and building one-person AI startups, with no executable code or hidden privileged behavior.

Install this if you want a Chinese-language framework for assessing and planning a one-person AI startup. Be aware that it may trigger on broad startup-related prompts, so specify when you do or do not want the playbook applied and ask for your preferred response language if needed.

SkillSpector (2)

By NVIDIA

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger description is very broad, covering many common startup and entrepreneurship phrases across multiple languages. This can cause unintended activation in unrelated conversations, injecting unsolicited guidance and potentially overriding the user's actual intent or the system's preferred routing. In this context, the skill is advisory rather than code-executing, so the main risk is misrouting and confusing behavior rather than direct compromise.

Natural-Language Policy Violations

Medium

Confidence: 82% confidence
Finding: The skill is written entirely in Chinese and its description does not offer a language-selection path or justify a Chinese-only scope. If triggered for users interacting in other languages, it may force responses in an unexpected language, degrading usability, obscuring important guidance, and increasing the chance of user misunderstanding. The skill's business-advice context makes this less dangerous than a security or medical skill, but it still creates avoidable reliability and trust issues.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal