Welight WeChat Official Account Formatting and Publishing

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed WeChat article formatting and publishing skill, with network and credential use tied to its stated purpose.

Install this only if you intend to let the agent fetch article URLs and use configured WeChat Official Account credentials. Use dry-run or draft mode first, review the rendered article and images before posting, and keep app credentials in a trusted config or environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 90%
Finding
The default prompt authorizes a broad workflow: ingesting article content, transforming it, presenting theme options, and publishing to a WeChat Official Account when prerequisites exist, but it does not define clear user-trigger boundaries or confirmation gates. In an agent setting, this increases the risk of unintended high-impact actions such as publishing or drafting content from ambiguous user input or from content pulled implicitly by the skill.

VirusTotal

64/64 vendors flagged this skill as clean.
