Back to skill

Security audit

权威采招政策与标讯指南-元博网

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, read-only procurement data guide that uses a third-party API key; its company-contact and automatic entity-expansion features need care but fit the stated procurement-intelligence purpose.

Install only if you are comfortable providing a ZLBX_API_KEY and sending company names, bid terms, filters, and related research queries to Yuanbowang/Zhiliaobiaoxun. For sensitive work, ask the agent to confirm matched legal entities before deep analysis, and avoid requesting or redistributing project contact details unless you have a legitimate business reason.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The documented get_company_contacts capability exposes project-contact information, including names and phone numbers, which goes beyond the stated macro policy-guide and market-brief purpose of the skill. This expands the skill into targeted contact discovery and increases privacy, misuse, and social-engineering risk, especially because the manifest does not clearly justify or constrain this access.

Description-Behavior Mismatch

Medium
Confidence
85% confidence
Finding
The file documents broad company-intelligence features such as profiles, partner analysis, competitor discovery, and bidder recommendation that materially exceed a narrowly described procurement-policy guide. This creates a capability mismatch between declared purpose and actual power, making it easier for the skill to be repurposed for surveillance, profiling, or competitive intelligence without informed user or platform review.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The documentation instructs the system to automatically match company names and run follow-on queries across headquarters and subsidiaries without user confirmation. That can cause overcollection, mistaken identity, and unintended analysis of affiliated entities, especially when users provide abbreviations or ambiguous names.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The contact-information lookup is documented with no privacy or sensitivity warning despite returning personal contact data such as names and masked phone numbers tied to procurement activity. In context, this makes the skill more dangerous because a policy-guide tool is not expected to facilitate person-level targeting, and users may exploit it for outreach, harassment, or social engineering.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.