Back to skill

Security audit

CN PPT Outline Writer PPT大纲生成器

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Chinese PPT outline helper, with no code execution, credentials, persistence, or external data access.

Safe to install for PPT outline drafting. Be aware it may activate on broad Chinese workplace terms, so confirm the assistant is actually helping with a presentation before sharing sensitive business details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill advertises a very broad set of trigger phrases such as '汇报', '提案', '演讲稿', and '工作汇报', which are common in ordinary workplace conversations and can cause the skill to activate when the user did not explicitly ask for PPT-outline help. Unintended activation can steer the assistant away from the user's real task, leak contextual data into an unnecessary skill flow, or create prompt-routing interference with other skills.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.