Security audit

Apollo Chengtou Trade Risk

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese-language trade-risk review skill with no hidden credential, network, persistence, or destructive behavior found.

Reasonable to install if you need a 城投/国企 trade-risk assistant. Treat outputs as preliminary risk-screening, not legal advice; verify policy, company, judicial, and reputation data from lawful authorized sources; avoid submitting unnecessary personal or confidential third-party data; and do not retain contract or due-diligence material for feedback/training unless you have permission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger phrases are broad, generic requests like 'review this contract' or 'check this company,' which could activate the skill in contexts far outside the intended 城投贸易风控 domain. That can cause over-collection of sensitive business documents or inappropriate use of specialized compliance guidance where it does not apply, increasing privacy and misuse risk.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs collection and assessment of company background, judicial records, ownership, and public-opinion risk without clearly warning about lawful data sources, privacy constraints, or the need for user authorization. In a due-diligence setting, this can lead users to submit sensitive third-party information or rely on improperly sourced personal/company data, creating compliance and privacy exposure.

Vague Triggers

Medium
Confidence: 93%
Finding
The test report shows the skill is expected to handle broad, open-ended user prompts such as contract review, due diligence, policy interpretation, and risk advice without any visible scope limits, refusal criteria, or uncertainty handling. In a trade-risk/compliance assistant, this increases the chance the agent will provide overconfident legal, regulatory, or investigative guidance on incomplete facts, which can mislead business decisions and create unsafe automation behavior.

VirusTotal

55/55 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.