Back to skill

Security audit

通联终端申请_VIP对账单配置

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed workflow guide for payment terminal, reconciliation, and invoice handling, with user confirmation required before outbound email actions.

Review the full skill text before installing because it can guide an agent to process customer billing data, create reconciliation spreadsheets, message internal contacts, create Feishu tasks, and send emails to named recipients. Confirm that those recipients and templates match your organization’s process, and require explicit approval before any file or email is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The manifest description advertises only terminal application and VIP reconciliation configuration, but the body of the skill also performs fee-invoice application and outbound email handling. This scope mismatch can cause policy, approval, and user-review systems to under-classify the skill's capabilities, making sensitive financial and external-communication actions less visible to operators and governance controls.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrase 'XX配置' is overly broad and can match many unrelated configuration requests, causing the skill to activate in contexts the user did not intend. In this skill, unintended activation is more dangerous because it can generate reconciliation files, send documents to internal recipients, and create tasks tied to financial operations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.