AI科研工具全景指南 (Panoramic Guide to AI Research Tools)

Security checks across malware telemetry and agentic risk

Overview

This skill is a guide to AI research tools and does not execute code itself, though users should review any separate tools it recommends installing.

Safe to use as a reference guide. Before running the listed install or configuration commands, review each downstream skill or tool separately, prefer pinned versions when reproducibility matters, and keep human review over AI-generated research outputs, citations, statistical conclusions, and required academic AI-use disclosures.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium (84% confidence)
Finding
The trigger examples are broad conversational phrases such as asking whether AI can help with research, which can cause the skill to activate in contexts far beyond its intended scope. Overbroad activation increases the chance of unwanted tool-routing, irrelevant guidance, or accidental invocation during normal conversation, especially in agentic environments where triggers may automatically select skills.

VirusTotal

65/65 vendors reported this skill as clean.