Xue Feng Skill Publish

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable college major and career-planning skill; its main caution is that it may ask for sensitive personal background details to tailor advice.

Use this as advisory planning help, not an official admissions or career authority. Avoid sharing identity numbers, account credentials, or unnecessary family details, and verify score cutoffs, employment data, salary claims, and policy changes against current official sources before making decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The skill prescribes a fixed Chinese response structure without indicating that the assistant should adapt to the user's preferred language. This can override platform-level language expectations, reduce usability, and in multilingual contexts may cause misunderstanding or make safety-critical guidance less accessible to the user.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal