北京环球影城游园助手

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Beijing Universal Resort trip-planning skill that uses disclosed public park data and local reference data without credentials, persistence, or local data access.

Before installing, understand that real-time wait-time and schedule features contact themeparks.wiki, while other answers come from built-in reference data that may become outdated; verify tickets, hours, and safety constraints with official Universal Beijing Resort sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 76% confidence
Finding: The skill says it will automatically recognize user intent and invoke the corresponding tool from natural-language input, but it does not define clear activation boundaries, confirmation rules, or exclusions. That ambiguity can cause unintended tool execution and unnecessary sharing of user-provided text with external services, especially when a request is conversational or only loosely related.

Vague Triggers

Low

Confidence: 72% confidence
Finding: The example trigger phrase '推荐下一步玩什么' is broad enough to overlap with ordinary conversation, making accidental invocation more likely. In this skill, the consequence is limited because the domain is low-risk tourism assistance, but it can still lead to unnecessary tool calls and transmission of user text.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal