classical-chinese

Security checks across malware telemetry and agentic risk

Overview

This skill only changes answers into compressed Classical Chinese and does not request file, network, credential, or persistent access.

Install this only if you want responses compressed into Classical Chinese. Use explicit levels such as /l, /m, or /e, and avoid heavy compression for medical, legal, financial, safety, debugging, or other situations where clarity is more important than saving tokens.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger description is broad enough to activate on common requests such as asking for concise output or token savings, which can unintentionally override the assistant’s normal response style. This increases the chance of mis-triggering and applying the skill when the user did not clearly request Classical Chinese, potentially reducing clarity in important or safety-relevant responses.

Natural-Language Policy Violations

Medium

Confidence: 88% confidence
Finding: The skill instructs the agent to convert replies into Classical Chinese once triggered, but does not require clear user consent beyond activation heuristics. In practice, this can degrade comprehension, especially for technical, medical, legal, or safety-related guidance, and the 'token saving first' priority may further pressure the model to omit clarifying language.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal