Security audit

发芽笔记生成

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only note-generation skill that saves a local Markdown report, with no executable code, credentials, or hidden behavior found.

Install is reasonable for its intended use. Use an explicit invocation, choose the output directory deliberately, and avoid processing private or sensitive material unless you are comfortable with a generated local note being saved.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The manual trigger phrase includes very generic terms like '发芽' and '生成发芽笔记', which may be invoked during ordinary conversation rather than through an explicit command. In an agent environment, ambiguous activation can cause unintended processing of user content and downstream file creation without clear intent, increasing the chance of accidental data handling.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill writes generated markdown to disk but does not prominently warn users about this persistence behavior. If invoked on sensitive article content, private messages, or copied text, the agent may leave behind local files containing derived or source-sensitive information, creating confidentiality and retention risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.