Story Short Analyze

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed short-fiction analysis workflow that writes local reports and metadata from user-provided story text.

Install this if you want a structured local pipeline for analyzing short fiction. Be aware it will copy the story text into a local `拆文库/{书名}/原文/` folder and write analysis files; only provide story files you have the right to use, and use an explicit command if you want to avoid accidental activation from broad analysis phrases.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill defines multiple natural-language trigger phrases such as ‘拆短篇’, ‘短篇拆文’, and ‘分析这篇短篇’, which are broad enough to match ordinary user requests outside a tightly scoped command invocation. This can cause unintended activation of the skill, leading it to process content or enter a file-writing pipeline when the user did not explicitly intend to invoke this specific capability.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal