方洪波思维视角 v2.0

Security checks across malware telemetry and agentic risk

Overview

This appears to be a persona-style management skill with broad trigger wording, but no evidence of hidden actions, credential use, persistence, or system changes.

Install this only if you want a Fang Hongbo-style management perspective to appear in relevant business discussions. Be aware that generic management phrases may invoke it unintentionally, so users should disable or narrow triggers if they want explicit opt-in behavior only.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list includes generic business terms such as “职业经理人”, “战略定力”, and “组织重构”, which are broad enough to match many normal enterprise conversations unrelated to this specific skill. This can cause unintended invocation, confusing skill routing and potentially surfacing proprietary or opinionated behavior when the user did not explicitly request it.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list contains broad generic phrases such as business and management terms that could appear in ordinary conversation, causing unintended activation of the skill. In a persona-style skill, accidental invocation can steer the assistant into a constrained viewpoint without explicit user intent, which may degrade response reliability and user control.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal