Back to skill

Security audit

发芽笔记生成

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only note-generation skill that saves a local Markdown report, with no executable code, credentials, or hidden behavior found.

Install is reasonable for its intended use. Use an explicit invocation, choose the output directory deliberately, and avoid processing private or sensitive material unless you are comfortable with a generated local note being saved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manual trigger phrase includes very generic terms like '发芽' and '生成发芽笔记', which may be invoked during ordinary conversation rather than through an explicit command. In an agent environment, ambiguous activation can cause unintended processing of user content and downstream file creation without clear intent, increasing the chance of accidental data handling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill writes generated markdown to disk but does not prominently warn users about this persistence behavior. If invoked on sensitive article content, private messages, or copied text, the agent may leave behind local files containing derived or source-sensitive information, creating confidentiality and retention risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.