Prompt Optimizer Chinese

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk prompt rewriting skill, with the main caution that it may over-edit vague prompts if invoked too broadly.

Installers should use this when they explicitly want prompt optimization and review the rewritten prompt before sending it onward, especially for sensitive, legal, medical, multilingual, or highly precise instructions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill metadata description advertises a very broad, all-purpose optimization capability without any explicit trigger boundaries, input constraints, or limits on when the skill should activate. In agent environments, overly broad activation increases the chance the skill is invoked on unrelated or sensitive user inputs, causing unintended prompt rewriting, context interference, or policy dilution.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The instruction to automatically optimize ambiguous input according to the 'most reasonable intent' removes an important safety boundary and lets the skill act without explicit user confirmation. This can lead to incorrect task framing, accidental transformation of sensitive content, or agent behavior that exceeds what the user actually requested.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal