Security audit

紫微斗数 (北派飞星)

Security checks across malware telemetry and agentic risk

Overview

This astrology skill collects birth details for a clearly stated chart-reading purpose and the reviewed scripts process them locally without hidden storage, credential use, or exfiltration.

Install only if you are comfortable providing exact birth details to the agent for astrology analysis. Prefer local text output for privacy, and use Feishu documents or screenshots only when you intentionally want the report copied into those tools.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill metadata lists very broad trigger words such as “紫微”, “排盘”, and “算运势”, which can match common user requests without clear scoping or consent. This creates a real risk of unintended invocation, especially because the skill then asks for sensitive birth data and location, increasing downstream privacy exposure.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The documented trigger scenarios are conversational and ambiguous, for example asking about career or fortune, without requiring an explicit request to invoke this specific skill. In practice, such broad activation patterns can cause the agent to enter a sensitive-data workflow unexpectedly and collect birth time, birthplace, and gender when the user may not have intended to use this skill.

Missing User Warnings

High

Confidence: 97% confidence
Finding: The skill explicitly requires birth date/time, birthplace, and gender, which together constitute highly sensitive personal data and can enable profiling or identity inference. The document does not provide any privacy notice, purpose limitation, retention policy, consent step, or minimization guidance, making this a genuine privacy and security weakness rather than a harmless documentation omission.

Natural-Language Policy Violations

Medium

Confidence: 94% confidence
Finding: The skill hard-codes different interpretation rules for '男命' and '女命' without asking the user how they identify or providing any basis, fallback, or opt-out. In a user-facing fortune-telling skill, this can lead to discriminatory or exclusionary outputs, misclassification of users, and unequal treatment based on gendered assumptions embedded in the logic.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal