Back to skill

Security audit

交通数字化AI化高级专家(标准版)

Security checks across malware telemetry and agentic risk

Overview

This is a large transportation digitalization reference skill with high-risk planning content, but it is disclosed, text-only, and does not install code, persist, access credentials, or move data.

Install only if you want a broad transportation digitalization reference library. Treat its finance, biometric surveillance, mobility tracking, and public-infrastructure advice as draft planning material, and require qualified legal, privacy, safety, accounting, and security review before using it in real projects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (46)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The file materially deviates from the skill's declared purpose of serving as a transportation technology reference and instead provides detailed accounting guidance for data-asset recognition, capitalization, valuation, and financial reporting. This scope drift is dangerous because users may rely on the skill for regulated finance/accounting decisions outside the advertised domain, increasing the risk of unauthorized professional advice, compliance errors, and misuse in enterprise decision-making.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The workflow includes guidance on data-asset pledges, securitization, capital structure effects, and financing strategy, which extends into regulated corporate finance activity not justified by the stated transportation technology reference context. This is risky because it can prompt users to take financing or securities-related actions based on unvetted content presented under a different domain label, creating legal, regulatory, and financial harm.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger examples are very broad, covering generic requests like planning, ROI analysis, proposal writing, and assessment. In an agent environment, this can cause the skill to activate for ordinary consulting-style prompts outside a narrowly scoped domain, increasing the chance of inappropriate skill takeover, overreach, or unexpected instruction precedence.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill declares itself applicable to essentially any transportation-related request, which weakens least-privilege skill routing and increases the chance it is invoked outside the user's intended scope. Overbroad activation can cause policy bypass-by-relevance, unwanted prompt takeover, or crowd out more appropriate specialized skills.

Vague Triggers

High
Confidence
97% confidence
Finding
The appendix states that any listed trigger term can invoke the skill, and the list includes extremely broad generic transportation and technology terms. This creates an aggressive activation surface that can hijack unrelated conversations, increase prompt injection exposure, and cause the skill's strong behavioral constraints to be applied when the user did not explicitly request it.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The case study describes large-scale integration of sensitive transportation data, including vehicle trajectories, key-vehicle monitoring, and multi-department data sharing, but provides no privacy, retention, access-control, or legal-compliance caveats. In a skill that serves as a reference system for transportation solutions, this can normalize surveillance-heavy designs without safeguards and lead users to replicate insecure or non-compliant data practices.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The platform description includes APP and SMS-based information release without noting authorization, recipient validation, or privacy and anti-abuse controls. Even in a planning document, omitting these safeguards can encourage implementations that expose personal contact data or enable unauthorized outbound notifications.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The case study describes collection of sensitive operational and quasi-personal data, including GPS patrol tracks, photo/location incident reports, and traffic estimates derived from mobile signaling, but gives no notice about consent, purpose limitation, retention, or access controls. In a real deployment, this omission can lead to privacy violations, unauthorized surveillance concerns, and noncompliance with data protection requirements, especially because the users include staff, road chiefs, and members of the public.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document explicitly recommends fusing large-scale公交IC卡、乘车码、移动信令、互联网LBS and user画像 data to reconstruct passenger OD chains at station-level precision, but it does not mention consent, lawful basis, minimization, de-identification, retention limits, or user-facing notice. In a transportation AI reference skill, this omission is risky because it normalizes privacy-invasive data practices that could enable re-identification, profiling, and misuse of sensitive mobility patterns if adopted as written.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The document normalizes large-scale collection and analysis of passenger data, including ticketing, gate, video, and behavioral inputs, but does not mention consent, notice, retention limits, minimization, or lawful basis for processing. In a reference skill for transportation practitioners, this omission can encourage deployment patterns that violate privacy requirements or enable excessive surveillance by design.

Missing User Warnings

High
Confidence
97% confidence
Finding
This section explicitly describes facial recognition, blacklist monitoring, and rapid identification of 'key persons' without any discussion of legal constraints, bias, false positives, due process, or civil-liberties protections. Because the skill is positioned as an authoritative solution reference, presenting such surveillance capabilities as standard practice increases the risk of harmful or unlawful deployment in sensitive public spaces.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The content describes personalized recommendations based on member profiles and behavioral data, but omits notice, consent/choice, profiling controls, and limits on secondary use of passenger data. In a professional design reference, this can lead implementers to treat behavioral profiling as routine without embedding user rights, transparency, or opt-out safeguards.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The document encourages prioritization of AI scenarios that inherently involve sensitive data such as video surveillance, license plate recognition, driver behavior analysis, and complaint classification, but it does not require a clear privacy, lawful-basis, retention, minimization, or data-subject impact review before those scenarios advance. Although section 2.1 briefly asks whether data involves privacy/security restrictions, that is insufficient as a governance control and may lead teams to operationalize surveillance-heavy use cases without adequate consent, legal review, or safeguards.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document includes example contact fields for internal staff and vendor support contacts using phone-number style personal contact data, but it does not clearly warn readers not to use real personal information in templates, demos, or circulated playbooks. In a governance handbook likely to be copied into operational practice, this can normalize unnecessary exposure of employee/vendor PII and lead to accidental publication, over-sharing, or non-compliant reuse of contact details.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The section provides concrete handling patterns for sensitive personal data such as license plates, faces, ID numbers, phone numbers, VINs, ETC card numbers, and addresses, but lacks a strong up-front warning that these examples involve regulated personal/sensitive data and that masking alone may not be sufficient for lawful processing or safe de-identification. In this transportation context, these data types are highly linkable and operationally sensitive, so readers may incorrectly treat the examples as universally safe processing guidance and expose regulated data in analytics, testing, or external sharing.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This section directs assessors to collect interviews, questionnaires, document reviews, and on-site observations, but provides no instructions to minimize, classify, redact, or protect personal and sensitive business information. In a consulting/reporting template, that omission can normalize over-collection and unsafe inclusion of employee statements, operational details, and internal documents in the final report.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The template asks for named interviewee lists with departments, titles, dates, durations, and topics, which creates a structured repository of personal data without any warning about privacy, consent, or need-to-know restrictions. In enterprise assessments, this can expose employee identities, internal roles, and attribution trails that increase privacy, HR, and insider-risk concerns.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The appendices encourage direct interview quotes, detailed system inventories, vendor names, architecture, interconnections, and data volumes, all without sensitivity labeling or publication controls. That combination can materially aid reconnaissance by exposing internal technology stacks, unsupported systems, dependencies, and attributable human statements alongside potentially regulated or confidential information.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The template explicitly routes OBU/RSU/感知数据 and logs to the cloud platform for global analysis, which can include persistent vehicle telemetry, device identifiers, and potentially pedestrian-related observation data. In a real deployment, omitting any privacy notice, lawful-basis guidance, data minimization, retention limits, or de-identification requirements creates a concrete privacy and compliance risk and increases the chance of overcollection and misuse.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The template includes vehicle detection, license-plate recognition, and OBU trip-data storage capabilities, all of which can process personal information and enable tracking of identifiable individuals or vehicles. Because the document presents these capabilities without any accompanying privacy controls, use restrictions, or compliance requirements, it normalizes collection of sensitive mobility data without safeguards.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The template explicitly specifies collection of vehicle detection, trajectories, license plates, vehicle characteristics, and abnormal driving behavior, but provides no privacy, retention, minimization, legal basis, or access-control guidance. In a real smart-highway deployment, this omission can normalize overcollection and downstream misuse of personally identifiable and sensitive mobility data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The external data-sharing section authorizes sharing billing, traffic, incident, violation, and navigation data with multiple third parties via API, message queues, and dedicated links without any constraints on minimization, authorization, contractual controls, or user/public notice. Because these data flows may include financial, location, enforcement, and identifying information, the omission increases the risk of unauthorized disclosure, secondary use, and compliance failures.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
This template promotes broad collection, integration, and sharing of operational, vehicle, shipment, and potentially personal data across port operators, drivers, customs, carriers, and other parties, but it omits any privacy, retention, access-control, or data-governance constraints. In a real deployment, that omission can normalize over-collection and uncontrolled data flows, increasing the risk of privacy violations, insider misuse, excessive surveillance, and regulatory noncompliance.

Missing User Warnings

High
Confidence
96% confidence
Finding
The safety section explicitly recommends AI video analytics, facial recognition, personnel RFID/RTLS tracking, and automated slowdown/stop actions without discussing consent, proportionality, false positives, labor/privacy impacts, or safety fail-safe design. In a port environment, these capabilities can directly affect worker movement, access, disciplinary monitoring, and equipment behavior, making unchecked surveillance and unsafe automated intervention materially harmful.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The template explicitly includes low-altitude patrol, policing/security, and real-time video/data return use cases, but it does not prompt the user to assess privacy, personal information handling, surveillance boundaries, retention limits, or legal authorization requirements. In a planning document, this omission can normalize deployment of surveillance-capable systems without embedding compliance controls, increasing the risk of unlawful data collection, over-surveillance, and public-safety/privacy harms.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.