个人发展复盘助手

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Chinese personal review skill that may read user-provided local files but shows no code execution, network use, persistence, or hidden behavior.

Install only if you want a Chinese-language personal review assistant. Provide only text or file paths you intentionally want summarized, especially because reports may include sensitive details about health, relationships, finances, and daily life.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The skill hard-codes Chinese-only output ('中文输出') without indicating that this is conditional on user preference. This can override user expectations or system locale, reducing transparency and potentially causing unsafe misunderstandings if the user cannot accurately review the generated report.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal