Atomic Code Generator

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Chinese code-generation methodology skill with no executable installer, hidden data access, persistence, or network behavior found.

Install this if you want a Chinese-language structured workflow for decomposing features into atomic methods and code. Be aware it may activate on broad coding phrases, and review generated code carefully, especially for security-sensitive examples such as authentication.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list includes broad generic phrases such as '代码生成', '方法调用', and '代码结构', which are likely to appear in many ordinary conversations. This can cause accidental or overly frequent invocation of the skill, leading the agent to activate code-generation behavior outside the user's intent and potentially override safer or more appropriate routing.

Natural-Language Policy Violations

Medium

Confidence: 97% confidence
Finding: The exemplar is entirely written in Chinese and presents Chinese-only prompts, comments, error messages, and report formats without indicating that language is configurable or constrained by a documented locale requirement. This can force downstream agents or users into a single language mode, causing misunderstandings, reduced usability, and potentially missed security-relevant details when users expect another language.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal