China Express

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Chinese package-tracking skill that clearly uses Kuaidi100 and does not install code, persist data, or request privileged access.

Install this if you want an agent to check Chinese shipment status through Kuaidi100. Avoid pasting unrelated personal details, and handle phone-last-four, CAPTCHA, login, or slider verification prompts manually rather than expecting the skill to bypass them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger condition includes a very broad phrase like “帮我查下这个快递,” which can match common conversational input without strong gating or confirmation. In an agent environment with browser automation, this can cause the skill to activate unexpectedly and drive navigation to a live site using partially inferred package-related data, increasing the risk of over-collection, mistaken actions, or privacy exposure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal