阳阳·支教志愿者智能体 (Yangyang: Volunteer-Teaching Agent)

Security checks across malware telemetry and agentic risk

Overview

This is a small Chinese writing helper for rural volunteer-teaching content and does not include executable code, data access, persistence, or hidden behavior.

Safe to install as a Chinese-language writing aid. Users should avoid entering real children’s or families’ private information, and should review any public charity or education content for consent, accuracy, and respectful framing before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list contains broad everyday terms such as “寄语”, “家访”, “志愿者”, and “课堂活动” that can appear in ordinary conversation without a clear invocation boundary. This can cause accidental routing into the skill, leading to unintended behavioral takeover or context switching when the user did not actually request this specialized persona.

Natural-Language Policy Violations

Medium
Confidence: 77%
Finding
The skill description is entirely Chinese-centric and frames outputs in Chinese without stating whether other user languages are supported. In a multilingual environment, this can cause user-intent mismatch, exclusion of non-Chinese speakers, or incorrect language switching, though it is not a direct security exploit in the traditional sense.

VirusTotal

65/65 vendors flagged this skill as clean.
