云手机运管平台操作

Security checks across malware telemetry and agentic risk

Overview

The skill is coherent and instruction-only, but it automates a production admin console with weak target scoping and broad file-download behavior that users should review carefully.

Install only if you are authorized to use this production cloud-phone operations platform. Before using it, confirm the exact instance ID and file path for every action, avoid downloading credential or private application data, review or redact files before placing them in the workspace, and delete copied logs when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrase "打开实例详情" is overly broad for a high-impact admin skill operating on a production cloud phone management platform. Because the skill supports sensitive actions tied to specific instances, a context-free trigger can cause accidental navigation to whatever instance is currently selected or visible, increasing the risk of unintended access or follow-on actions such as file downloads from the wrong target.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal