chinese-voice-skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a voice-reply/TTS skill whose main risk is overly broad auto-activation, not evidence of malicious behavior.

Install this only if you want the agent to enter voice/TTS mode from voice-related prompts. Prefer explicit opt-in wording and confirm before sending sensitive text to any external TTS service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill defines many broad read_when phrases such as '开始语音', '发送语音', and '语音对话', which can overlap with ordinary conversation or unrelated requests. Because the skill is configured to auto-trigger, ambiguous matching can cause unintended execution, unnecessary tool invocation, and accidental transmission of user content to an external TTS service.

Vague Triggers

Medium
Confidence: 91%
Finding
The description states the skill 'auto-triggers when the user needs a voice reply' but does not define precise boundaries for what constitutes that need. In an agent system, vague auto-activation criteria increase the chance of unexpected skill invocation and processing of content the user did not intend to convert to speech.

VirusTotal

65/65 vendors flagged this skill as clean.
