Superpowers Cn

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-first workflow helper with broad activation phrases but no evidence of hidden access, credential use, persistence, exfiltration, or destructive behavior.

Install this only if you want a Chinese-first coding workflow that asks clarifying questions, plans, executes step by step, and reviews. Because the trigger phrases are generic, prefer explicit invocation or routing controls if your agent supports them, and verify the publisher/source before installing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The module is described as verifying whether execution results satisfy requirements, but reviewCode never compares outputs against the provided requirements. This can cause the system to present incomplete or incorrect work as successfully reviewed, creating a false assurance layer that weakens downstream approval or delivery decisions.

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The report presents checklist pass/fail results, but reviewChecklist is static and never updated from any evaluation logic. This makes the generated report misleading by default, since it can claim review outcomes without any evidence-based assessment, undermining trust in the audit process.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger phrases are extremely broad and map to common user intents such as '写代码' ("write code"), '帮我做' ("help me do"), and '实现XX功能' ("implement feature XX"). In a skill-routing environment, this can cause the skill to activate for many unrelated requests, unexpectedly overriding more specific skills or altering agent behavior without clear user consent.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding
The skill is explicitly framed as a Chinese-language workflow framework without indicating fallback behavior or user choice of language/locale. In multi-lingual systems, forcing a locale can lead to unintended activation, user confusion, or responses in the wrong language, which is a policy and usability risk rather than a direct code-execution issue.

VirusTotal

66/66 vendors flagged this skill as clean.