Security audit

qinglite

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it logs into qinglite.cn with user-provided SMS credentials and can publish user-provided content using a token, but users should handle the token carefully.

Install only if you intend to use qinglite.cn through this skill. Treat the returned token like a password, avoid running the login flow where terminal output is logged or shared, and review all publish fields before sending because the token authorizes posting to the account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill collects and transmits sensitive authentication data including phone number, one-time code, and returned token without warning users about privacy, token handling, or account-security implications. Because these credentials can be used to access or act on the user's account, insufficient disclosure materially increases risk of credential misuse or accidental exposure.

Missing User Warnings

Medium
Confidence: 96%
Finding
The publish workflow sends both user-generated content and an authentication token to an external service, but the documentation does not clearly warn that this is an external transmission or explain associated privacy and account-action risks. In context, this omission is more dangerous because the token can authorize posting on behalf of the user, turning disclosure gaps into potential unauthorized-account-action risk.

Missing User Warnings

Medium
Confidence: 97%
Finding
The code prints the authentication token directly to stdout, which can expose bearer credentials in terminal history, logs, CI output, shell wrappers, or process-monitoring environments. Because the skill's stated purpose is to obtain and use a token for account actions, leaking that token could allow unauthorized access or publishing actions as the user.

Missing User Warnings

High
Confidence: 98%
Finding
The login flow sends an SMS code to a remote service and then prints the returned authentication token directly to stdout. Tokens printed to console can be captured by shell history, terminal logging, CI logs, or other local observers, turning a valid session credential into an easily exposed secret.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.