humanize-zh-writers

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Chinese creative writing skill with no code or system access, though its broad style triggers and fictional-citation guidance deserve user awareness.

Install only if you want a creative writing assistant for literary-style rewriting. Review generated text for attribution, factual accuracy, and appropriate use, especially when prompts involve named author imitation or fictional references.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list includes broad phrases such as '按某某作家风格写' and general stylistic labels that can overlap with ordinary user writing requests. This can cause the skill to activate unintentionally, leading to unexpected behavior, incorrect routing, or bypass of a more appropriate writing or language skill. In this context the issue is not directly code-execution dangerous, but it is a real safety and reliability weakness because the skill may steer output into copyrighted or policy-sensitive style imitation when the user did not clearly request it.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal