Back to skill

Security audit

Book To Learn Check

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed book-to-study-card automation, but users should understand that it can upload generated study materials and images to external services they configure.

Install this only if you are comfortable with generated PDFs or card images being uploaded to your chosen IMA/Feishu workflow, and with Feishu image mode sending embedded images to catbox.moe. Review the dependency install commands before running them, configure your own webhooks and IMA credentials, and avoid using it on books or notes you do not want processed into local files or uploaded.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Memory PoisoningPersistent Context Injection, Context Window Stuffing, Memory Manipulation
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (82)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
fn = f'img_{h}.{ext}'
            out = os.path.join(img_dir, fn)
            for attempt in range(3):
                r = subprocess.run(['curl','-sL','--insecure','--max-time','30','-A',UA,'-o',out,u], capture_output=True)
                if os.path.exists(out) and os.path.getsize(out) > 500:
                    head = open(out,'rb').read(8)
                    if head[:4]==b'\x89PNG' or head[:3]==b'\xff\xd8\xff' or head[:4]==b'GIF8' or head[:4]==b'RIFF':
Confidence
70% confidence
Finding
r = subprocess.run(['curl','-sL','--insecure','--max-time','30','-A',UA,'-o',out,u], capture_output=True)

Dynamic import via __import__()

Medium
Category
Dangerous Code Execution
Content
if card_id in fn:
            card_index = i + 1
            break
    today = __import__('datetime').date.today().isoformat()
    push_method = config.get('pushMethod', 'ima')
    row = f'| {today} | {card_index}/{index.get("totalCards","?")} | {card_id} | {topic} | {push_method} | ✅ 成功 |\n'
    with open(dp_path, 'a', encoding='utf-8') as f:
Confidence
75% confidence
Finding
today = __import__('datetime').date.today().isoformat()

Dynamic import via __import__()

Medium
Category
Dangerous Code Execution
Content
'template': 'pdf-standard',  # pdf-standard | pdf-large | feishu-card | feishu-card+image
        'imageFormat': '1:1',  # 1:1 | 1:4 (only for image supplement)
        'testPush': False,  # whether to do a test push after setup
        'createdAt': __import__('datetime').date.today().isoformat(),
    }
    with open(cfg_path, 'w', encoding='utf-8') as f:
        json.dump(config, f, ensure_ascii=False, indent=2)
Confidence
75% confidence
Finding
'createdAt': __import__('datetime').date.today().isoformat(),

subprocess module call

Medium
Category
Dangerous Code Execution
Content
"""Run a command with clean env (strip NODE_OPTIONS bun shim), return (rc, stdout, stderr)."""
    env = dict(os.environ)
    env.pop('NODE_OPTIONS', None)
    r = subprocess.run(cmd, input=input_str, capture_output=True, text=True, env=env, timeout=300)
    return r.returncode, r.stdout, r.stderr

def ima_api(api_path, body_dict):
Confidence
70% confidence
Finding
r = subprocess.run(cmd, input=input_str, capture_output=True, text=True, env=env, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def notify_expired(reason):
    """Call notify_key_expired.py"""
    script = os.path.join(BASE, 'notify_key_expired.py')
    subprocess.run(['python3.11', script, reason], capture_output=True, timeout=30)

def upload(file_path, kb_name=DEFAULT_KB_NAME, folder_name=DEFAULT_FOLDER_NAME):
    # Step 0: resolve kb_id & folder_id
Confidence
70% confidence
Finding
subprocess.run(['python3.11', script, reason], capture_output=True, timeout=30)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
"""PDF: pdftotext → pypdf → pdfminer.six"""
    # 1. pdftotext (poppler) — fastest, best for text-heavy PDFs
    try:
        r = subprocess.run(['pdftotext', '-layout', path, '-'],
                           capture_output=True, text=True, timeout=120)
        if r.returncode == 0 and len(r.stdout.strip()) > 100:
            return r.stdout
Confidence
70% confidence
Finding
r = subprocess.run(['pdftotext', '-layout', path, '-'], capture_output=True, text=True, timeout=120)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def run(cmd, input_str=None):
    env = dict(os.environ)
    env.pop('NODE_OPTIONS', None)
    r = subprocess.run(cmd, input=input_str, capture_output=True, text=True, env=env, timeout=300)
    return r.returncode, r.stdout, r.stderr

def ima_api(api_path, body_dict):
Confidence
70% confidence
Finding
r = subprocess.run(cmd, input=input_str, capture_output=True, text=True, env=env, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def notify_failure(book_dir, config, reason):
    script = os.path.join(BASE, 'notify_failure.py')
    cfg_path = os.path.join(book_dir, 'config.json') if book_dir else (config or '')
    subprocess.run(['python3.11', script, '--book', '', '--stage', 'upload', '--reason', reason,
                    '--config', cfg_path], capture_output=True, timeout=30)

def upload(file_path, config, book_dir=None):
Confidence
70% confidence
Finding
subprocess.run(['python3.11', script, '--book', '', '--stage', 'upload', '--reason', reason, '--config', cfg_path], capture_output=True, timeout=30)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Scope Creep

Low
Category
Excessive Agency
Content
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
Confidence
70% confidence
Finding
NOT LIMITED TO

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 12 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:10%"></div></div></div><span class="chapter-tag">I. Fundamentals</span></div><div class="topic">Major Scales, Scale Degrees, and Key Signatures</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">A major scale is an ordered collection of half and whole steps with the ascending succession W‑W‑H‑W‑W‑W‑H. Major scales are named for their first note (which is also their last note), including any accidental that applies to the note.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>A major scale is an ordered collection of half and whole steps with the ascending succession W‑W‑H‑W‑W‑W‑H.</p><p>Major scales are named for their first note (which is also their last note), including any accidental that applies to the note.</p><p>Scale degrees are solmization syllables notated by Arabic numerals with carets above them. The scale degrees are \hat1-\hat2-\hat3-\hat4-\hat5-\hat6-\hat7.</p><p>Solfège solmization syllables are another method of naming notes in a major scale. The syllables are do, re, mi, fa, sol, la, and ti.</p><p>Each note of a major scale is also named with scale-degree names: tonic, supertonic, mediant, subdominant, dominant, submediant, and leading tone.</p><p>A key signature, consisting of either sharps or flats, appears at the beginning of a composition, after a clef but before a time signature.</p><p>The order of sharps in key signatures is F, C, G, D, A, E, B, while the order of flats is the opposite: B, E, A, D, G, C, F. In sharp key signatures, the last sharp is a 
...[truncated 27 chars]
Confidence
80% confidence
Finding
Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYY

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 82 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:69%"></div></div></div><span class="chapter-tag">VI. Jazz</span></div><div class="topic">ii–V–I</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz. The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz.</p><p>The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</p><p>Because this progression is so important to jazz, the concept of <a href="https://viva.pressbooks.pub/openmusictheory/chapter/tonicization" target="_blank" rel="noopener">applied chords</a> can expand to include applied subdominant chords—i.e., the ii chord.</p><p>Incomplete ii–V–Is, i.e., ii–Vs, can also be identified because the combination of root motion and quality is so distinctive.</p><p><a href="https://open.spotify.com/playlist/5nxI5DMIS4Yl1BkOpFm8BM?si=kp2QFTlORqmX48K_nh8GYg" target="_blank" rel="noopener">Chapter Playlist</a></p><p>Example 1 shows final cadences from four jazz tunes. Look at the harmonies—a pattern should be apparent. (You can listen to the tunes through the the <a href="https:
...[truncated 27 chars]
Confidence
80% confidence
Finding
JEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmS

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 82 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:69%"></div></div></div><span class="chapter-tag">VI. Jazz</span></div><div class="topic">ii–V–I</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz. The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz.</p><p>The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</p><p>Because this progression is so important to jazz, the concept of <a href="https://viva.pressbooks.pub/openmusictheory/chapter/tonicization" target="_blank" rel="noopener">applied chords</a> can expand to include applied subdominant chords—i.e., the ii chord.</p><p>Incomplete ii–V–Is, i.e., ii–Vs, can also be identified because the combination of root motion and quality is so distinctive.</p><p><a href="https://open.spotify.com/playlist/5nxI5DMIS4Yl1BkOpFm8BM?si=kp2QFTlORqmX48K_nh8GYg" target="_blank" rel="noopener">Chapter Playlist</a></p><p>Example 1 shows final cadences from four jazz tunes. Look at the harmonies—a pattern should be apparent. (You can listen to the tunes through the the <a href="https:
...[truncated 27 chars]
Confidence
80% confidence
Finding
JkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiR

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 82 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:69%"></div></div></div><span class="chapter-tag">VI. Jazz</span></div><div class="topic">ii–V–I</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz. The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>ii7–V7–Ima7 in major, or ii∅7–V7–i7 in minor, is a fundamentally important progression in traditional jazz.</p><p>The ii–V–I progression can be identified through a combination of root motion by fifths plus its distinctive sequence of chord qualities (mi7–7–ma7 in major, or ∅7–7–mi7 in minor).</p><p>Because this progression is so important to jazz, the concept of <a href="https://viva.pressbooks.pub/openmusictheory/chapter/tonicization" target="_blank" rel="noopener">applied chords</a> can expand to include applied subdominant chords—i.e., the ii chord.</p><p>Incomplete ii–V–Is, i.e., ii–Vs, can also be identified because the combination of root motion and quality is so distinctive.</p><p><a href="https://open.spotify.com/playlist/5nxI5DMIS4Yl1BkOpFm8BM?si=kp2QFTlORqmX48K_nh8GYg" target="_blank" rel="noopener">Chapter Playlist</a></p><p>Example 1 shows final cadences from four jazz tunes. Look at the harmonies—a pattern should be apparent. (You can listen to the tunes through the the <a href="https:
...[truncated 27 chars]
Confidence
80% confidence
Finding
SJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEm

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
SJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEmSJEm

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
JEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmqAQYAJEmSJEmq

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
RERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERE

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
MzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMz

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
zMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzM

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
ZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZm

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 98 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:83%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Modal Schemas</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">Many pop songs use harmonic progressions that imply modes other than major/minor. A modal schema may be used without the entire song being strictly within that mode.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>Many pop songs use harmonic progressions that imply modes other than major/minor.</p><p>A modal schema may be used without the entire song being strictly within that mode.</p><p>Modes may be compared to major and natural minor to understand what characterizes their sound (their color notes)</p><p>Mixolydian schemas:</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/blues-based-schemas#plagal-schemas" target="_blank" rel="noopener">Double plagal</a> ♭VII–IV–I</p><p>Subtonic shuttle I–♭VII</p><p>Aeolian schemas:</p><p>Subtonic shuttle i–♭VII (same as mixolydian, but with a minor tonic)</p><p>Aeolian shuttle i–♭VII–♭VI–♭VII</p><p>Aeolian cadence ♭VI–♭VII–i (or I)</p><p><a href="https://viva.pressbooks.pub/openmusictheory/chapter/classical-schemas#lament" target="_blank" rel="noopener">Lament</a> i–♭VII–♭VI–v</p><p>Dorian schemas:</p><p>Dorian shuttle i–IV</p><p>Lydian schemas:</p><p>Lydian shuttle I–II♯</p><p>Lydian cadence II♯–IV–I</p><p>This book covers modes from many different angles. For more information on modes, check <a href="https://viva.pressbooks.pub/openmusictheory/chapter/intr
...[truncated 28 chars]
Confidence
80% confidence
Finding
ZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZm

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 101 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:86%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Drumbeats</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">The backbeat is common to most pop drumbeats. The backbeat is an accented articulation on beats two and four in quadruple meters, usually played by the snare drum. The kick drum is often syncopated.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>The backbeat is common to most pop drumbeats. The backbeat is an accented articulation on beats two and four in quadruple meters, usually played by the snare drum.</p><p>The kick drum is often syncopated.</p><p>Cymbals—hi-hats, ride, and crash—often play regular pulses at the beat, beat division, or beat subdivison level.</p><p>Common drumbeats other than the basic rock beat include double-time, half-time, four-on-the-floor, and dembow.</p><p>Quadruple meters are by far the most common meter in pop music; simple triple is the next most common. A simple triple drumbeat in pop music will often have a snare hit on beat three.</p><p><a href="https://open.spotify.com/playlist/43Fu9cn3RbUTr82fmJYwhl?si=4edc1056a6e74fd0" target="_blank" rel="noopener">Chapter Playlist</a></p><p>Drumbeats are the rhythmic cornerstone of many genres of popular music, including rap, rock, and jazz. Sometimes a drumbeat is performed on a drum kit, sometimes it’s sampled from an existing recording or programmed into a sequencer or DAW (digital audio workstation). In this primer, we’ll learn about the i
...[truncated 28 chars]
Confidence
80% confidence
Finding
ERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERER

Context Window Stuffing

Medium
Category
Memory Poisoning
Content
.translation-panel .ph{font-weight:500}
.src{padding:2px 20px 4px;font-size:11.5px;color:var(--muted)}
.src a{color:var(--muted);word-break:break-all;text-decoration:none}.src a:hover{text-decoration:underline}
</style></head><body><div class="card"><div class="card-head"><div class="progress-row"><span class="progress-num">Card 101 / 118</span><div class="progress-bar"><div class="progress-fill" style="width:86%"></div></div></div><span class="chapter-tag">VII. Popular Music</span></div><div class="topic">Drumbeats</div><div class="section"><h3><span class="dot g"></span>Core Idea</h3><div class="core">The backbeat is common to most pop drumbeats. The backbeat is an accented articulation on beats two and four in quadruple meters, usually played by the snare drum. The kick drum is often syncopated.</div></div><div class="section"><h3><span class="dot b"></span>Explanation</h3><div class="expl"><p>The backbeat is common to most pop drumbeats. The backbeat is an accented articulation on beats two and four in quadruple meters, usually played by the snare drum.</p><p>The kick drum is often syncopated.</p><p>Cymbals—hi-hats, ride, and crash—often play regular pulses at the beat, beat division, or beat subdivison level.</p><p>Common drumbeats other than the basic rock beat include double-time, half-time, four-on-the-floor, and dembow.</p><p>Quadruple meters are by far the most common meter in pop music; simple triple is the next most common. A simple triple drumbeat in pop music will often have a snare hit on beat three.</p><p><a href="https://open.spotify.com/playlist/43Fu9cn3RbUTr82fmJYwhl?si=4edc1056a6e74fd0" target="_blank" rel="noopener">Chapter Playlist</a></p><p>Drumbeats are the rhythmic cornerstone of many genres of popular music, including rap, rock, and jazz. Sometimes a drumbeat is performed on a drum kit, sometimes it’s sampled from an existing recording or programmed into a sequencer or DAW (digital audio workstation). In this primer, we’ll learn about the i
...[truncated 28 chars]
Confidence
80% confidence
Finding
RJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJkiRJki

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
book_setup.py:36