Process Optimization

Security checks across malware telemetry and agentic risk

Overview

This is a small, non-executable process-optimization skill with no hidden code, installation behavior, credential use, or persistence.

Install this if you want Chinese-language guidance for business process optimization and automation planning. Be aware it is written for a specific named audience, so users outside that context may need to ask the agent to adapt language, assumptions, and recommendations to their own workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 89% confidence
Finding: The skill metadata and description explicitly state it is designed for a specific audience ('專為兔仔設計'), which can cause the agent to bias responses toward one user identity or language context without confirming the current user's preference. In practice this can reduce reliability, exclude other users, and create prompt-steering behavior that conflicts with user intent, though it is not a direct code-execution or data-exfiltration issue.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal