wechat_messaging

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do its stated WeChat messaging job, but it sends contact lookups and message contents through a fixed private API whose operator and sending account are not explained.

Review before installing. Use this only if you operate or explicitly trust the API at the configured private address and know which WeChat account it controls. Before confirming a send, verify the selected recipient, wxId, sender account, and exact message text.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly sends recipient identifiers (`contact`/wxId) and message content to an external API endpoint, but the description does not warn the user about this data transmission. This creates a consent and privacy risk, especially because the endpoint is a private IP over HTTPS and users are not told what system receives their contacts and message contents.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal