每日唐诗 (Daily Tang Poetry)

Security checks across malware telemetry and agentic risk

Overview

This is a Tang poetry learning skill whose remote API use and optional progress tracking match its stated purpose.

Before installing, be comfortable with the default remote API receiving poem requests, recitation or review answers, and any optional API key or user ID you configure. Prefer a random or pseudonymous user ID instead of personal contact details.

SkillSpector

By NVIDIA
Vulnerability Patterns checked
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The trigger list includes very broad everyday words such as "诗人" (poet), and likely other common phrases, that can appear in conversations unrelated to poetry study, raising the chance of unintended skill invocation. For this skill, accidental activation would send unsolicited requests to the remote API and switch the conversation's context; that is a safety and usability problem rather than a classic security exploit.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The disambiguation rule says to infer intent from context, but it does not define clear, deterministic boundaries for how that inference should work. That can cause the agent to select the wrong mode and perform unintended actions, including calling backend endpoints or revealing content the user did not explicitly request.
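Both findings come down to the same question: does the skill fire on a message, and which mode does it enter, for reasons a reviewer can predict in advance? The block below is an added illustration, not code from the skill or from SkillSpector. The broad trigger list, the intent regexes and the sample messages are all constructed here to show the two behaviours side by side: a substring trigger list of the kind the first finding describes fires on an unrelated sentence that happens to contain "诗人", while a rule table with an explicit, ordered set of intent patterns and an "ask the user" fallback gives the deterministic boundaries the second finding says are missing.

```python
import re
from dataclasses import dataclass

# Constructed sample messages (not from the skill). The first two mention
# poets but have nothing to do with studying Tang poetry.
SAMPLE_MESSAGES = [
    "我朋友是个诗人，他下周要搬家，帮我写个搬家清单",  # friend is a poet; wants a moving checklist
    "诗人节是哪天？",                                   # "which day is poets' day?"
    "每日唐诗",                                         # the skill's own name
    "我想背诵一首唐诗",                                 # "I want to recite a Tang poem"
    "复习一下昨天的唐诗",                               # "review yesterday's Tang poem"
    "讲讲唐诗的历史",                                   # "tell me about the history of Tang poetry"
]

# Hypothetical broad trigger list of the kind the first finding describes.
BROAD_TRIGGERS = ["唐诗", "诗人", "诗"]


def naive_trigger(message, triggers=BROAD_TRIGGERS):
    """Plain substring matching: what an overly broad trigger list amounts to."""
    return any(t in message for t in triggers)


# Deterministic mode rules (hypothetical). Each mode needs an explicit intent
# word together with the topic noun; the list order is the tie-break, and a
# topic mention with no matching intent yields "ask" instead of a guess.
MODE_RULES = [
    ("daily", re.compile(r"^(每日|今日)唐诗$")),
    ("recite", re.compile(r"背(诵|一首)?.*唐诗")),
    ("review", re.compile(r"(复习|回顾).*唐诗")),
]


@dataclass
class Decision:
    triggered: bool
    mode: str  # "daily" | "recite" | "review" | "ask" | "none"


def strict_trigger(message):
    """Invoke only on an explicit intent; never infer a mode from context."""
    msg = message.strip()
    for mode, pattern in MODE_RULES:
        if pattern.search(msg):
            return Decision(True, mode)
    if "唐诗" in msg:
        # Topic present, intent absent: no backend call, ask the user which mode.
        return Decision(True, "ask")
    return Decision(False, "none")


def compare(messages=SAMPLE_MESSAGES):
    """Return (message, naive_fires, strict_mode) for each sample."""
    return [(m, naive_trigger(m), strict_trigger(m).mode) for m in messages]


if __name__ == "__main__":
    for msg, naive, mode in compare():
        print(f"naive={naive!s:5} strict={mode:6} {msg}")
```

Running the block shows the naive matcher firing on all six messages, including the moving-checklist request, while the rule table fires only on the four poetry-study messages and sends the ambiguous "history of Tang poetry" request to "ask" rather than to a backend endpoint. The point is not these particular regexes but the shape: a reviewer can read the rule table and state exactly which inputs reach the API.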

VirusTotal

0 of 65 VirusTotal vendors flagged this skill; all 65 reported it clean. Treat that as a statement about the packaged files only: antivirus engines do not evaluate the instruction text of an agent skill, so a clean verdict says nothing about the trigger and disambiguation findings above.
