心理学数据分析（统计检验、结果解读）

Security checks across malware telemetry and agentic risk

Overview

This is a local psychology statistics helper with a minor broad-trigger issue, but no hidden data access, network activity, persistence, or unsafe behavior was found.

Install this if you want a psychology-focused statistics assistant. For generic spreadsheet, business, financial, or unrelated data work, confirm the skill is the right one before using it, and run the included Python script only on files you intentionally choose to analyze.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 75% confidence
Finding: The trigger phrases are broad enough to activate on generic requests such as 'analyze data' or 'process data', which can cause the skill to engage outside the user's intended context. Over-broad invocation increases the chance of unintended access to sensitive research or personal data and may route users into statistical workflows without adequate consent or scoping.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal