China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a stern warning regarding the rise of malicious ‘Skills’—the functional plugins or agent packages used to enhance the capabilities of large language models. The regulator identified a trend where these skills are being advertised under the guise of ‘jailbreaking’ tools or ‘mining’ utilities, luring users into bypassing the safety guardrails built into domestic AI platforms.
The agency noted that these rogue components are designed to trick models into generating restricted content or, more surreptitiously, to hijack a user’s hardware resources for illicit cryptocurrency mining. Beyond local device degradation, CNCERT warned that these activities could inadvertently entangle users in broader criminal networks, including money laundering and the dissemination of illegal information, which can lead to immediate account bans or legal scrutiny under China’s strict internet governance laws.
This development marks a new frontier in China’s ongoing struggle to balance AI innovation with social control. As the Chinese tech sector shifts from developing foundational models to building a ‘Skill’ and ‘Agent’ ecosystem, the surface area for cyber threats has expanded. The move by CNCERT signals that Beijing is now looking beyond the model providers and focusing on the modular add-ons created by third-party developers and disseminated through decentralized channels.
For operators of AI platforms, the warning translates to a mandate for more rigorous source auditing and real-time behavior monitoring. Users are being urged to purge any suspicious components and remain vigilant against tools promising to ‘unleash’ the full power of restricted AI models, as the price for such freedom often includes severe security vulnerabilities and potential legal repercussions.
