wechat-article-search-api-skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it searches and extracts WeChat article content through BrowserAct using the user's BrowserAct API key.

Install this only if you are comfortable using BrowserAct for WeChat article searches. Set BROWSERACT_API_KEY locally rather than pasting it into chat, avoid confidential search terms unless BrowserAct's data handling is acceptable, and keep extraction limits modest.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill explicitly requires an environment secret (BROWSERACT_API_KEY) and instructs running a Python script that calls an external BrowserAct API, which implies network and secret access without an explicit permissions declaration. This creates a governance gap: an agent may invoke code with external connectivity and credential use without transparent consent or sandbox policy enforcement, increasing the risk of unintended data exfiltration or over-privileged execution.

Vague Triggers

Medium
Confidence: 86%
Finding
The description tells the agent to proactively apply this skill for a very broad set of loosely related research, monitoring, extraction, and summarization tasks. That can cause the skill to trigger in contexts where the user did not explicitly request external API use or WeChat extraction, resulting in unintended transmission of user queries or URLs to a third-party service and surprising side effects.

VirusTotal

64/64 vendors flagged this skill as clean.
