1688 Sourcing Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed 1688 shop analytics helper that uses sensitive seller data, but its access is mostly read-only and aligned with its stated purpose.

Install only if you are comfortable giving the skill an AK that can read 1688 seller metrics, including customer and geography details. Be aware that the skill says each CLI command sends a usage record to its gateway, so review provider privacy expectations before using it with sensitive store data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list contains very broad terms such as "1688," "sourcing," and "profit margin," which can appear in many ordinary conversations and cause the skill to activate outside its intended context. Over-broad activation can route users into supplier-search, listing-generation, and pricing workflows unexpectedly, increasing the chance of inappropriate data handling, irrelevant actions, or user confusion.

Vague Triggers

Low
Confidence: 84%
Finding
The skill describes several situations where it should be used but does not clearly state exclusion conditions or boundaries for when it should not run. This ambiguity makes accidental invocation more likely, especially because the skill spans multiple functions—supplier search, financial calculations, and content generation—which broadens the set of conversations it may incorrectly intercept.

VirusTotal

64/64 vendors flagged this skill as clean.
