Back to skill

Security audit

瑜伽学员管理

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local student-management tool that stores student records and can email them, but users should handle the stored personal data and email password carefully.

Install only if you are comfortable storing student personal data and an SMTP password/app code in this skill directory. Use an app-specific email password, protect the folder from syncing or sharing, confirm the configured recipient/account before sending reports, and avoid putting highly sensitive information in notes because deduction emails and full reports may include it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The code can email a complete report containing all student data, which exceeds the stated behavior of sending records after each deduction. This creates an unnecessary bulk-export path for personal data and increases the chance of large-scale privacy leakage if email settings are misconfigured, compromised, or used without informed consent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill automatically emails class-deduction records after each update, and the documented data model includes personal student information such as name, phone, WeChat, notes, and course history. Without an explicit privacy warning, data-minimization guidance, or consent notice, users may transmit personal data over email in a way that increases exposure through mailbox compromise, misconfiguration, or unintended recipients.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill documents deletion of student records and creation of local database/config files containing sensitive information, including contact details and email configuration secrets. Without warnings about irreversible deletion, local sensitive-data storage, backup, and secret protection, users may accidentally lose data or expose personal information and SMTP credentials.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly stores student personal data locally in SQLite and sends lesson records and full reports by email, but the documentation does not warn about privacy, sensitivity of personal data, or email transmission risks. This can lead operators to handle names, phone numbers, WeChat IDs, and class records without informed consent, adequate safeguards, or awareness that email may expose sensitive information if misconfigured or compromised.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code stores SMTP credentials, including the email password, directly in a local JSON config file. This creates a real confidentiality risk because any local user, backup process, malware, or accidental file sharing can expose reusable email credentials, and the skill context increases risk because these credentials are intended for active outbound email use.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The function sends detailed student records by email, including personal data such as name, phone, WeChat, notes, course details, and deduction logs, but the code shown provides no user-facing notice, consent step, or confirmation before transmitting that sensitive data over the network. In a local student-management tool, silent outbound transmission of PII increases privacy, compliance, and accidental data-leak risk, especially if the configured recipient is wrong or the email account is compromised.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
After deducting hours, the code automatically emails full student records without any explicit warning that personal information is being transmitted externally. Because the record may include phone, WeChat, notes, and course history, this can expose sensitive personal data beyond what users may reasonably expect from a routine attendance operation.

Missing User Warnings

High
Confidence
96% confidence
Finding
This function emails all student data as a complete report and does so without an explicit privacy warning or confirmation step. Bulk transmission of the entire dataset materially raises the impact of mistakes or abuse, turning a single action into a mass disclosure of student PII and business records.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.