Back to skill

Security audit

Aesthetic Builder

Security checks across malware telemetry and agentic risk

Overview

This is a design-oriented skill that generates aesthetic style-system skill files, with no executable code or hidden data-handling behavior found.

Install this if you want a Chinese-language workflow for generating aesthetic or visual style-system skills. Review generated Skill files before installing or using them, and be aware that broad design-related trigger terms may invoke it in general design conversations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes several broad, everyday phrases such as '设计风格', '视觉风格', and '配色方案' that are likely to appear in ordinary design conversations. This can cause unintended invocation of the skill in contexts where the user did not explicitly request it, leading to prompt hijacking of the interaction flow or inappropriate routing to this skill.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
The description and trigger content are written entirely in Chinese and present the skill as Chinese-language oriented without any indication of language negotiation or user preference handling. In a multilingual environment, this can cause the system to respond in an unexpected language, degrading usability and potentially confusing downstream workflows or users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.