Story Deslop

Security checks across malware telemetry and agentic risk

Overview

This is a writing-editing skill that can rewrite user-specified story files, but its file writes and local formatting script are disclosed and aligned with that purpose.

Install this if you want an assistant that can directly revise Chinese fiction drafts. Before using it on important files, keep version control or backups and explicitly say whether you want detection only, a proposed rewrite, or direct file edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (88% confidence)

The trigger phrases are broad enough to match ordinary requests like '帮我润色' or '这篇太AI了', which increases the chance the skill activates in situations where the user did not intend file-level rewriting behavior. Because the skill can progress from analysis to file modification, overbroad activation materially raises the risk of unintended system-affecting actions.

Missing User Warnings

Medium (96% confidence)

The skill directs the agent to edit/write files and run a Node.js script as part of normal operation, but it does not provide a clear user-facing warning or confirmation boundary for these side effects. In an agent environment, silent writes and command execution are dangerous because users may believe they are getting text advice while the system is actually mutating project files.

VirusTotal

64/64 vendors flagged this skill as clean.
