浩云学长理科辅导

Security checks across malware telemetry and agentic risk

Overview

This no-code STEM tutoring skill needs review because it explicitly offers to make AI-generated content harder to detect.

Install only if you want a STEM tutoring prompt library and are comfortable ignoring the AIGC-detection-reduction feature. Do not use the polishing service to bypass school, workplace, publisher, or platform integrity checks; the publisher should remove that feature and narrow invocation triggers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding:
The skill’s stated purpose is STEM tutoring, but it explicitly adds an auxiliary service to reduce AIGC detection rates. That introduces an evasion-oriented capability unrelated to legitimate educational instruction and can be used to disguise AI-generated work as human-authored. In context, the tutoring framing makes this more concerning because it could facilitate academic dishonesty while appearing benign.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding:
The README advertises very broad natural-language triggers such as “我二次函数不会” and especially the general use case “我XXX不会,” which implies the skill may activate on common phrases without strong scoping. In an agent platform, overly broad invocation increases the chance of accidental activation, context hijacking, or unintended interception of unrelated user requests, even if the skill itself is educational.

Vague Triggers

Severity: Medium
Confidence: 74%
Finding:
The keyword list includes broad everyday phrases such as '这块不会' and topic-wide terms that can match routine user utterances, increasing the chance the skill is invoked unintentionally. While not directly dangerous on its own, overbroad triggering can expose users to capabilities they did not request, including the questionable AIGC-evasion add-on.

Natural-Language Policy Violations

Severity: High
Confidence: 98%
Finding:
The skill explicitly advertises 'AIGC Detection Reduction,' which is a policy-sensitive evasion capability. This is dangerous because it enables users to conceal AI-generated content from detection systems, undermining academic, editorial, or platform integrity controls. The educational context does not mitigate the risk; it may amplify it because students are a likely user group.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The trigger list includes very broad generic terms such as "理科", "数学", "物理", and "化学", which are likely to appear in ordinary user conversations unrelated to explicitly invoking this skill. This can cause unintended activation or routing collisions, leading the skill to intercept general educational queries more often than intended.

Ssd 2

Severity: Medium
Confidence: 97%
Finding:
The document presents detection-evasion as a benign 'polishing' service, which is a classic reframing of an unsafe capability. This concealment-by-paraphrase is dangerous because it normalizes and operationalizes evasion behavior without stating its misuse plainly, making abuse easier and more socially acceptable. In a tutoring skill, this can directly support cheating or policy circumvention.

VirusTotal

65/65 vendors flagged this skill as clean.
