Aippt.Skip

Security checks across malware telemetry and agentic risk

Overview

This PPT generator appears purpose-aligned, but it can use stored AIPPT credentials and start a credit-consuming remote job from a broad trigger without a clear confirmation step.

Install only if you intentionally want AIPPT/智绘高迪 remote PPT generation. Treat prompts as data sent to an external service, avoid confidential content unless approved, and confirm ambiguous PPT requests before running because generation may continue in the background and consume platform credits.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger phrase '帮我做个PPT' is overly broad and can match ordinary conversation, causing the skill to activate unexpectedly. Because this skill launches shell scripts and sends user content to a remote service, accidental invocation can lead to unintended data disclosure or unintended background task creation and billing/points consumption.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The script programmatically retrieves an AIPPT access token from a local credential gateway and prints it to stdout without any explicit user confirmation, scope disclosure, or masking. In agent/skill contexts, stdout is often captured by logs, parent processes, or downstream tooling, so exposing a bearer token this way can lead to unintended credential leakage and unauthorized API use.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal