Security audit

倪师问诊 Nishi Tcm Consultant

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it gives detailed health diagnosis, herbal formula, and dosage-style guidance that users could mistake for medical treatment advice.

Review this skill carefully before installing. It does not show technical malware behavior, but it can produce confident medical-style recommendations and herbal dosing information. Use it only for study or historical discussion, not self-diagnosis or treatment, and consult a licensed clinician for symptoms, pregnancy or postpartum issues, bleeding, severe pain, fever, cancer, psychiatric symptoms, or any medication/herb use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The reference materially broadens the skill from TCM consultation into detailed astrology, divination, and feng shui guidance, contradicting the stated scope that these topics should be only auxiliary and minimally mentioned. In a health-adjacent skill, this creates unsafe scope drift: the agent may provide deterministic occult guidance alongside medical-style advice, confusing users about what is evidence-based and increasing the risk of harmful decisions based on non-medical claims.

Missing User Warnings

High
Confidence
95% confidence
Finding
The file presents symptom-to-formula mappings and dosage ranges in a quick-reference format before giving any immediate warning that users should not self-diagnose or self-treat. In a medical skill explicitly designed to suggest 辨证分析 (syndrome differentiation analysis) and 经方 (classical formula) recommendations, this increases the chance that a user or downstream agent will treat the content as actionable clinical guidance, which can lead to harm, especially given toxic or high-risk herbs such as 附子 (aconite), 麻黄 (ephedra), and 细辛 (asarum) and condition-specific recommendations.

Missing User Warnings

High
Confidence
96% confidence
Finding
This section presents treatment guidance for serious conditions using named formulas and specific dosing-style instructions without an immediate, localized safety warning, triage guidance, or clear prohibition against self-treatment. In a skill explicitly designed to give symptom analysis and formula suggestions, users may treat this as actionable medical advice, creating risk of delayed diagnosis, inappropriate self-medication, and harm for conditions such as cancer, bleeding, or postpartum complications.

Missing User Warnings

High
Confidence
98% confidence
Finding
This file contains detailed diagnostic heuristics, syndrome differentiation, and named treatment/formula recommendations that can be used as actionable medical advice. Although the skill metadata includes a disclaimer, the file itself lacks an in-file warning, and the skill is explicitly designed to analyze symptoms and suggest treatments, which increases the chance that users receive or act on medical guidance without appropriate clinical evaluation.

Missing User Warnings

High
Confidence
97% confidence
Finding
This reference file contains detailed medical diagnostic and treatment guidance, including dosing concepts and disease-specific claims, but does not itself include a warning that it is not professional medical advice. Because this content is designed to feed a skill that gives symptom analysis and formula recommendations, users may rely on it for real health decisions, increasing the risk of delayed care, inappropriate self-treatment, or harm from unsafe recommendations.

VirusTotal

62/62 vendors flagged this skill as clean.
