industry-exp-distill

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language reference skill for organizing industry best practices, with no executable code or hidden sensitive behavior found.

Install only if you want a Chinese-oriented framework for industry best-practice research and methodology extraction. Provide the target industry, source constraints, and preferred language, and independently verify business, financial, healthcare, or regulatory claims before acting on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation description is broad enough to trigger on generic requests such as collecting industry experience, analyzing peer practices, or extracting methodologies across many domains. Over-broad routing can cause the wrong skill to engage, leading to unnecessary data collection, scope creep, or application of industry-specific guidance in contexts where a narrower or safer skill should have been used.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill content is written to operate in Chinese without offering language negotiation, which can silently override a user's preferred language. This is dangerous because it can degrade comprehension, cause misunderstanding of methodology or caveats, and reduce usability or compliance in multilingual environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal