Back to skill

Security audit

海量标讯智搜助手-标800

Security checks across malware telemetry and agentic risk

Overview

This is a documented Biao800 tender-intelligence API skill with sensitive but disclosed business-search features.

Install only if you intend to use the Biao800/Zhiliaobiaoxun service. Use a dedicated revocable API key, expect quota usage, avoid confidential searches unless external API sharing is approved, and ask the agent to confirm company matches before analysis or contact lookup when exact scope matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The manifest presents the skill as a bid-search assistant, but the documented capabilities extend into company intelligence, contacts, competitor discovery, supplier recommendation, and market analytics. This scope expansion can cause over-privileged or unexpected data access because users and platform policy may authorize the skill for narrow search use while it actually enables broader intelligence collection.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The skill exposes a company contacts lookup feature even though the declared purpose is complex tender search and query refinement. Contact-information retrieval increases privacy and misuse risk, especially for targeted outreach, profiling, or data harvesting, and the mismatch makes the access less likely to be expected or properly consented to.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation explicitly directs the agent to automatically expand a user-provided company reference into multiple related entities and perform follow-up analysis without user confirmation. This can cause over-collection and analysis of organizational data beyond the user's likely intent, creating privacy, consent, and data-minimization risks, especially when subsidiaries and affiliates are included silently.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.