Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 94% confidence
- Finding
- The skill is presented as a WeChat message-sending skill, but its documented behavior also includes taking screenshots of the WeChat window, writing image files to disk, and reading/writing the system clipboard. Those capabilities materially expand data exposure beyond simple message sending because screenshots may capture chat history or contact information and clipboard access can expose unrelated sensitive data. In a desktop automation skill, these actions may be functional, but failing to clearly declare them creates a transparency and privacy risk.
