Ren Zhengfei Perspective

Security checks across malware telemetry and agentic risk

Overview

This is a text-only business-perspective skill that may activate broadly, but it does not request code execution, credentials, network access, persistence, or privileged changes.

Install only if you want business advice framed through Ren Zhengfei and Huawei management concepts. Consider narrowing activation to explicit Ren Zhengfei requests if you do not want it to appear in general strategy conversations, and independently verify quoted historical claims before relying on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The activation rules are broad enough to trigger on ordinary business-strategy phrases such as '护城河' or '长期主义', which can cause unintended persona switching without clear user consent. In an agent setting, ambiguous auto-activation can override the user's expected mode, reduce predictability, and introduce prompt-routing errors that affect response reliability and policy compliance.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger section mixes precise invocation keywords with broad subject areas like strategy, risk, and innovation, making activation boundaries unclear. This increases the chance of accidental activation during normal enterprise discussions, which can mis-steer the assistant into a specialized framing the user did not request and degrade safe, context-appropriate behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal