Back to skill

Security audit

description: 将用户讲稿一键生成乔布斯风极简科技感竖屏HTML演示稿。当用户需要生成PPT、演示文稿、Slides、幻灯片,或要求科技风/极简风/乔布斯风格的演示时触发此技能。输出为单个可直接运行的HTML文件。

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Chinese-oriented HTML slide generator with visible CDN dependencies and no evidence of hidden data access, persistence, or destructive behavior.

Install this if you want Chinese-style minimalist HTML slide decks. For confidential, offline, or tightly controlled presentations, review or replace the CDN links for TailwindCSS and fonts, and explicitly ask for another language if you do not want Chinese output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The template depends on third-party CDN-hosted JavaScript and font resources, so the generated HTML is not actually self-contained and directly runnable offline as described. This introduces supply-chain and privacy risks: if the CDN content changes, is compromised, blocked, or unavailable, the presentation may break or execute untrusted code in the user's browser.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger description is broad enough to activate on many generic presentation-related requests, which can cause the skill to be invoked when the user did not specifically ask for this specialized HTML slide generator. Overbroad activation increases the chance of unintended instruction takeover, user-surprising behavior, and misapplication of the skill’s strong formatting/output constraints.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The skill metadata and instructions strongly prescribe Chinese-language output conventions without indicating that the agent should preserve or adapt to the user’s language. This can override user expectations, cause incorrect language output, and create prompt-priority conflicts where the skill’s defaults displace the user’s requested language or locale.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The default prompt and trigger wording are broad enough to activate the skill for a wide range of presentation-related requests without clear user confirmation or scope limits. In an agentic system, this can cause inappropriate routing, unintended takeover of user requests, or generation of outputs the user did not explicitly ask for, especially when other skills may be more appropriate.

Natural-Language Policy Violations

Medium
Confidence
96% confidence
Finding
The skill metadata and default prompt hard-code Chinese output behavior regardless of the user's language preference, which can override user intent and create unsafe or unreliable agent behavior. Forced language output is especially problematic in multi-skill systems because it can silently transform requests, degrade usability, and cause incorrect downstream handling when users expect another language.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.