Yingzhong Smart Teacher Main

Security checks across malware telemetry and agentic risk

Overview

This skill is a broad K12 teaching assistant, but it asks for extensive student profiling, parent messaging, syncing, backups, and AI-detection evasion features that need careful review before use.

Install only if you are prepared to strictly limit what student and parent data is entered, require teacher review before any parent message or external download, avoid the AIGC-detection-evasion features, and establish consent, retention, deletion, and access-control rules before using profiling, emotional memory, syncing, or backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The skill explicitly advertises lowering AIGC detection rates, which is a content-concealment capability unrelated to legitimate K12 teacher assistance. This can facilitate academic dishonesty, policy evasion, and deceptive submission of AI-generated work as human-authored content.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
A second module repeats the same concealment behavior, showing the capability is intentional and broad rather than incidental wording. Duplicating evasion guidance across modules increases the likelihood that users will use the skill to disguise AI-generated academic or technical content.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The documented trigger phrases are broad, natural-language commands such as '帮我备课' ("help me prepare a lesson"), '生成教案' ("generate a lesson plan"), and '发通知' ("send a notice"), which can plausibly appear in normal classroom or administrative conversation. In an agent environment, overly generic triggers increase the chance of unintended activation and accidental execution of actions involving lesson generation, messaging, or data handling.

Missing User Warnings

High
Confidence
94% confidence
Finding
The README advertises OCR grading, performance analysis, student records, and WeChat parent communication, all of which imply handling sensitive student, parent, and educational data, but provides no privacy, consent, retention, or security warnings. This omission can lead users to input protected personal data into features without understanding exposure risks, especially in school settings where minors' information is involved.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README promotes textbook download and internet lesson-plan search features without warning that these functions may access external sites, retrieve untrusted content, or expose user metadata and query contents. In an educational agent context, users may assume all resources are local or vetted, increasing the risk of unsafe downloads, privacy leakage, or ingestion of malicious/unreliable material.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill describes extensive student and parent profiling, monitoring, and data reuse without prominent upfront notice, consent flow, or minimization boundaries. Because the target population includes minors, silent collection and long-term retention of academic, behavioral, and emotional data materially increases privacy and compliance risk.

Ssd 3

Medium
Confidence
96% confidence
Finding
The instructions call for persistent sharing and updating of detailed learning and emotional data, including progress notifications to parents, without clear minimization or need-to-know limits. For minors, combining educational performance with emotional state creates a sensitive profile that can be over-collected, overshared, or retained too long.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to remember emotional milestones, triggers, trust signals, and prior disclosures for later personalization, creating long-lived psychological profiling of minors. Such memory can expose highly sensitive inferences and raises the risk of misuse, overreach, or unauthorized disclosure.

Ssd 3

Medium
Confidence
97% confidence
Finding
The growth-portfolio design accumulates detailed long-term records of performance, habits, milestones, and emotional indicators, forming a comprehensive student dossier. In a K12 setting, this level of profiling is especially sensitive and dangerous if retained broadly, shared widely, or repurposed beyond the immediate educational need.

VirusTotal

64/64 vendors flagged this skill as clean.
