Tianshu Review Calendar

Security checks across malware telemetry and agentic risk

Overview

This is a simple local study-calendar generator that reads only user-provided topics and prints a Markdown schedule.

Reasonable to install for generating a study plan. Only pass --file a topics file whose contents you are comfortable including in the printed Markdown schedule; expect the script's prompts and output to be in Chinese.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 96% confidence
Finding: The script's error messages, usage text, headings, and instructions are all hard-coded in Chinese. Under the policy, forcing a specific language without user opt-in is a natural-language policy issue unless the locale restriction is explicitly documented and justified, which is not present here.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal