China sounds alarm over AI ‘skills’ that evade guard rails and mine crypto

Malicious AI skills can trick users into running crypto-mining software and expose sensitive data, CNCERT warns

China's cybersecurity watchdog is raising red flags over the rapid emergence of a grey market for unregulated AI extensions. Photo: Shutterstock
Minxiao Chang in Shenzhen

China’s cybersecurity watchdog has warned against third-party AI “skills” packages that claim to bypass model safety guard rails and generate otherwise prohibited content, or provide access to cryptocurrency-mining functions, saying the tools expose users to data leaks and money-laundering risks.

The National Computer Network Emergency Response Coordination Centre (CNCERT) issued the warning on Tuesday via its official WeChat account, highlighting the rapid emergence of a grey market for unregulated AI extensions.

In the AI ecosystem, skills function as plug-ins or specialised code packages that expand the capabilities of AI agents and models. Similar to smartphone apps, they can connect AI systems to external databases, automate workflows and integrate with third-party software or online services, enabling more complex tasks beyond text generation.

However, CNCERT said some skills are marketed as tools for circumventing built-in restrictions in AI models, allowing users to generate prohibited content or access cryptocurrency-mining functions, which remain banned in mainland China.

The agency warned that using such tools could result in privacy breaches, account suspensions and potential legal consequences.

The agency has warned that using such tools could result in privacy breaches, account suspensions and potential legal consequences. Photo: Shutterstock

While the AI skills ecosystem includes many legitimate offerings, CNCERT said users should obtain skills only through official channels, follow the principle of least privilege when granting permissions and promptly revoke unnecessary access to sensitive data.
