飞书文档 AI 写作助手

Security checks across malware telemetry and agentic risk

Overview

This skill’s document creation and editing abilities are disclosed and fit its stated purpose, but users should treat write and batch-replace actions carefully.

Install only if you intend to let the agent work with external documents. Confirm the exact document, operation, and replacement text before any create, update, delete, or batch action, and use the least-privileged account or connection available.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill exposes broad example utterances that can trigger document creation and content generation without clearly defining authorization, confirmation, or scope limits. In an agent environment, vague invocation patterns increase the chance of unintended activation or overbroad actions, especially because the skill can create external documents and populate them with generated content.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill advertises automatic document creation, beautification, batch creation, and batch content replacement, but does not warn about destructive or privacy-sensitive effects on user documents. In context, this is more dangerous because the skill operates on collaboration documents where unintended writes, overwrites, or bulk changes could affect business records, leak sensitive information, or cause broad workspace disruption.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal