Security audit

Wechat Article Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only WeChat article writing helper with no code execution, credentials, persistence, or hidden data access.

Safe to install as a writing-assistance skill. Use explicit prompts when invoking it, avoid pasting confidential unpublished drafts unless you trust your agent environment, and note that the declared Node requirement appears unnecessary for this instruction-only package.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
88% confidence
Finding
The invocation examples are extremely generic natural-language requests such as “推荐一个合适的封面图” ("recommend a suitable cover image") and “什么时候发布阅读最高” ("when to publish for the highest readership"), which can overlap with ordinary conversation and unintentionally trigger the skill in unrelated contexts. In an agent system, broad trigger phrases increase the risk of misrouting user intent, causing the wrong skill to activate and process content the user did not mean to send to this skill.

Natural-Language Policy Violations

Medium
72% confidence
Finding
The skill is documented entirely as Chinese-only behavior without offering language selection or stating that it is restricted to Chinese-language WeChat Official Account (微信公众号) workflows. This can cause incorrect handling of user input, poor intent matching, or unexpected transformations when invoked in multilingual environments, though it is primarily a robustness and usability security issue rather than a direct exploit path.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.