Security audit

学程智伴

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Chinese-language student planning and focus assistant with disclosed emotional-support features and simple local helper scripts.

Install this only if you want a Chinese-language student planning, study-focus, and non-clinical emotional-support assistant. Do not rely on it for emergencies, self-harm, suicidal thoughts, or severe distress; contact local emergency services, a crisis hotline, campus counseling, or a trusted person instead. Review memory settings if you do not want academic goals or personal stressors retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The invocation examples use broad natural-language prompts like planning, anxiety support, and starting a timer without defining routing boundaries, disallowed cases, or confirmation requirements. In an agent skill that mixes education support, mental-health discussion, and script/tool use, this can lead to over-broad activation, accidental tool invocation, or the assistant responding beyond its intended scope.

Missing User Warnings

High
Confidence
98% confidence
Finding
The manifest advertises psychological support, anxiety management, and crisis recognition/referral but provides no visible safety warning, emergency limitation, or escalation protocol. For a student-facing assistant, this is dangerous because users may rely on it during acute mental-health situations and receive inappropriate, delayed, or insufficient help instead of being directed to qualified human or emergency resources.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill explicitly states that users do not need to remember commands and that the system should infer intent from natural language, which creates overly broad activation conditions. In a conversational assistant, this can cause unintended triggering during ordinary dialogue, leading the skill to take over interactions or mishandle sensitive topics without clear user consent.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Several example utterances such as expressions of stress, confusion, or daily planning are generic enough to appear in normal conversation, making accidental activation likely. Because this skill covers emotionally sensitive and decision-support scenarios, misclassification can cause inappropriate responses, especially if the assistant assumes a support mode without explicit user intent.

Missing User Warnings

High
Confidence
97% confidence
Finding
The document presents emotional support and crisis handling, including suicidal ideation cues, but does not clearly state that the assistant is not a mental-health professional or emergency service. In this context, users may over-rely on the assistant during crisis situations, delaying contact with qualified help and increasing the risk of harm.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases are extremely generic student utterances, so the skill could activate during ordinary conversation without a clear user intent to invoke it. Because this skill covers sensitive areas such as psychological support and academic/career guidance, over-broad activation increases the chance of unsolicited advice, inappropriate persona takeover, or mishandling distress-related conversations.

Natural-Language Policy Violations

Medium
Confidence
79% confidence
Finding
The skill hard-codes a Chinese-language, high-energy persona and interaction style without checking the user's preferred language or consent to that style. This can cause confusion, reduce comprehension, and in emotionally sensitive contexts may lead to miscommunication or user alienation, especially if the system applies the persona automatically in contexts where another language or tone is expected.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.