Xiaozhi Teach Parent Communication

Security checks across malware telemetry and agentic risk

Overview

This skill is a non-executable teacher aid for drafting parent communications, with disclosed limits around sending messages and handling sensitive student information.

Install is reasonable for a teacher workflow. Before using it with real students, confirm any solo-dashboard save action, use aliases or minimal identifiers, avoid raw parent/student sensitive details, and review the dashboard’s retention and access controls.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The skill mandates activation for very broad, common phrases such as '给家长发个消息' and '怎么跟家长沟通' without requiring disambiguation or user confirmation. This can cause unintended routing of general conversations into this workflow, increasing the chance of inappropriate data collection, cross-skill data access, or generation of parent-facing guidance when the user meant something else.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The template explicitly references preparing communication records to be written back to `solo-dashboard`, but the file provides no user-facing disclosure, consent flow, or data-minimization guidance for handling potentially sensitive student/parent communication data. In this skill context, those records may include educational performance, behavior, and family-related observations, so silent persistence increases privacy and compliance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal