Xiaozhi Weekly Review

Security checks across malware telemetry and agentic risk

Overview

This is a text-only weekly learning review skill with disclosed use of learning records and no executable code or hidden data movement.

Install only if you are comfortable with the skill summarizing learning records from connected study tools. For best privacy, use explicit weekly-review requests and confirm before sharing family versions, writing growth summaries, creating reminders, or handing monthly summaries to another coordinator skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill metadata description includes broad natural-language triggers such as “总结一下这周” and “下周重点是什么”, which are common phrases that may appear in ordinary conversation without the user intending to invoke this skill. This can cause accidental activation and unnecessary aggregation of weekly learning data, increasing privacy and over-collection risk.

Vague Triggers

Medium
Confidence: 85%
Finding
The trigger section expands scope beyond weekly review into monthly summaries, exam preparation, and milestone analysis, which does not fully match the skill’s stated weekly-only role. This broader routing can cause the skill to activate in contexts where different privacy expectations or specialized handlers should apply, leading to inappropriate data use or confusing handoff behavior.

VirusTotal

64/64 vendors flagged this skill as clean.
