写作风格转换

Security checks across malware telemetry and agentic risk

Overview

The only substantiated issue is overly broad activation wording, which may make the skill trigger at the wrong time but does not show harmful behavior.

Installers should treat this as a low-risk skill, but review its trigger phrases: broad terms may cause it to activate when you wanted a different skill for file organization or summarization. Narrowing the triggers would improve predictability.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list includes broad everyday phrases such as '整理文件' and '归类总结', which are not specific to stylistic rewriting and can cause the skill to activate in unrelated contexts. Over-broad activation can route user requests to an inappropriate skill, causing unintended handling of content, degraded safety enforcement, or bypass of more suitable specialized skills.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal