Xueersi Daily Question Generator

Security checks across malware telemetry and agentic risk

Overview

This is a simple tutoring prompt that generates daily practice questions and does not request system access or sensitive permissions.

This skill is reasonable to install for practice-question generation. Be aware that generic prompts like "give me a question" may invoke it unexpectedly, treat the Xueersi affiliation as unverified, and avoid sharing unnecessary sensitive student information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrase "give me a question" is overly broad and can match many normal conversational requests that are not intended to invoke this specific skill. This can cause unintended activation, leading to confusing behavior, context hijacking, or interference with other skills or the base assistant.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal