Security audit

崖州招商通

Security checks across malware telemetry and agentic risk

Overview

This is a coherent investment-research and policy-reporting skill, but users should expect web lookups and local Word report files.

Install this only if you want an investment-promotion assistant that may use external search/financial tools and create local Word documents. Avoid putting confidential negotiation details into external lookups, verify important policy figures with official sources, and save generated reports in a controlled location rather than a shared Desktop or synced folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The skill requires writing a .docx file to the user's desktop or working directory after every response, which is a local side effect affecting the filesystem. Even if intended for convenience, unconditional file creation can leak sensitive business/policy analysis into insecure locations, overwrite existing files, or surprise users who did not consent to persistent storage.

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The workflow couples ordinary question answering with mandatory local .docx generation, creating an unexpected persistence action that exceeds what many users would assume from a policy-knowledge skill. This increases the risk of unintentional storage of potentially sensitive due-diligence reports, internal government investment-promotion (招商) materials, or policy analyses on shared or unmanaged devices.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger word list includes broad, common terms such as '招商', '行业分析', and '企业调查', which may cause accidental invocation in unrelated conversations. In this skill, accidental triggering is more concerning because invocation can lead to external searches, financial-data retrieval, policy processing, and mandatory document creation, increasing exposure beyond a harmless formatting error.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs automatic Word generation and saving without any risk notice, consent checkpoint, or path review. This is dangerous because the generated content may contain sensitive company assessments, government-facing investment-promotion (招商) recommendations, or policy interpretations that become persistently stored where other local users, backup systems, or synced cloud folders can access them.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.