12th June 2026
By Shubhii Verma
CNCERT Issues Warning Over Malicious Third-Party AI Tools
China’s cybersecurity authorities have issued a warning about a growing market for third-party artificial intelligence (AI) tools and extensions that claim to bypass safety restrictions, generate prohibited content, and even facilitate cryptocurrency mining. Regulators say these unregulated AI “skills” pose significant risks, including data leaks, cybersecurity threats, and potential legal consequences for users.
The National Computer Network Emergency Response Coordination Centre (CNCERT) released the warning through its official WeChat channel, highlighting concerns over the rapid expansion of AI plug-ins and add-on services. In modern AI ecosystems, skills function similarly to mobile applications, allowing AI models and agents to connect with external services, automate tasks, access databases, and perform specialized functions beyond standard text generation.
While many AI skills are designed for legitimate purposes, CNCERT warned that some developers are marketing tools specifically designed to circumvent built-in safety controls. According to the agency, certain extensions promise users access to restricted content generation capabilities or cryptocurrency-related functions, including crypto mining activities that remain prohibited in mainland China.
Crypto Mining Malware and User Risks Highlighted by Authorities
Authorities cautioned that using such tools could expose users to privacy breaches, account suspensions, financial losses, and even legal penalties. The watchdog emphasized that many of these unofficial extensions request extensive permissions, potentially granting developers access to sensitive personal or corporate information.
CNCERT also raised concerns about malicious AI skills that attempt to trick users into downloading cryptocurrency-mining software or persuade AI agents to install such programs automatically. These applications can secretly consume computing resources to generate digital assets, leading to increased electricity costs, reduced device performance, and accelerated hardware wear.
China’s AI Boom Creates New Cybersecurity Challenges
The warning comes as China’s AI sector experiences rapid growth. Popular AI platforms such as Manus, Coze, Dify, and Flowith have encouraged third-party developers to create specialized skills that expand the functionality of their systems. While this approach promotes innovation, it also creates new security challenges as external code gains access to AI environments.
Security researchers have repeatedly warned that AI agents capable of executing third-party code introduce additional attack surfaces that cybercriminals can exploit. According to JailbreakBench, an open-source platform that evaluates AI security, malicious prompt injections and compromised extensions continue to achieve high success rates in bypassing safety mechanisms deployed by major AI developers.
To address these risks, CNCERT urged users to download AI skills only from official sources and carefully review requested permissions before installation. The agency also recommended that businesses establish strict approval processes for AI extensions, conduct security audits, and operate AI systems within isolated environments to protect sensitive data.
As AI adoption accelerates across industries, Chinese regulators are increasingly focused on balancing innovation with cybersecurity and user protection, particularly as unofficial tools become more sophisticated and widely available.
