Weread Digest

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local WeRead note summarizer and knowledge-base archiver, with no executable payload and required confirmation before writing files.

Install only if you are comfortable letting the agent read your exported WeRead notes and write Markdown files into the knowledge-base folder you configure. When using archive features, review the proposed file list carefully before confirming, especially if the workflow was triggered by the short phrase “入库”.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrase `入库` is extremely broad and can appear in ordinary conversation unrelated to archival operations. Because this skill can create files and modify an external knowledge base, accidental activation could cause unintended write actions or initiate a workflow that exposes local paths and configuration prompts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal