Security audit

中医诊所管理系统 (Traditional Chinese Medicine Clinic Management System)

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real local clinic-management skill, but it stores sensitive patient, medical, appointment, and financial records in plaintext Excel files without enough safety guidance.

Review before installing for real clinic use. It may be acceptable for testing or dummy data, but real patient records should only be stored on a trusted, access-controlled device with encryption, secure backups, retention rules, and any required healthcare compliance review. Avoid running it in shared terminals or logs because patient details can be printed to output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The README explicitly states that patient records, medical charts, prescriptions, appointments, and financial data are stored as local Excel files, but it provides no warning or controls around encryption, file permissions, backups, or regulatory/privacy obligations. In a healthcare context, this is especially dangerous because these files contain highly sensitive medical and personal data that can be easily copied, emailed, or accessed by other local users if the host system is not locked down.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding
The top-level description is broad enough to match ordinary conversation about patients, prescriptions, appointments, or finances, even when the user may only want discussion rather than operational clinic management. Because this skill manages and writes sensitive medical and financial data, accidental activation could cause unnecessary collection, display, or modification of regulated information and local files.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding
Generic trigger phrases like '预约', '挂号', '收费', or '写病历' lack confirmation and scope constraints, increasing the chance that normal conversation gets routed into a data-management workflow. In a skill handling patient records and finances, mistaken triggering can expose private data or lead to unintended writes, scheduling, or bookkeeping actions.

Missing User Warnings

Severity: High
Confidence: 95%
Finding
The workflow begins processing highly sensitive patient medical and financial data without a prominent warning that records are stored locally in Excel files. Users may not realize the privacy, retention, and compliance implications of entering regulated health information into unencrypted local spreadsheets, which raises confidentiality and legal risk.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The initialization and write-operation instructions describe creating and modifying local files but do not prominently warn that these files may contain regulated medical and financial information. This omission can lead users to create persistent sensitive datasets on shared or insecure systems without understanding the security and privacy consequences.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
This tool stores highly sensitive patient, medical-record, prescription, appointment, and finance data in local Excel files with no encryption, access control, integrity protection, or user warning about handling regulated health information. In a clinic-management context, this materially increases the risk of unauthorized disclosure if the host is shared, compromised, backed up insecurely, or the files are copied or synced unintentionally.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.