WeChat Official Account Article Crawler

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it fetches a user-provided article, saves a Markdown copy, and downloads referenced images locally.

Install dependencies in a virtual environment, use only trusted article URLs, and pass a dedicated output directory to avoid saving or overwriting files somewhere unexpected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly instructs users to install dependencies and run a Python script that fetches remote content and writes Markdown and image files locally, but it does not declare corresponding permissions. This creates a transparency and trust problem: users and hosting systems cannot accurately assess or constrain the skill's capabilities before execution.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill description explains functionality but omits a clear user-facing warning that running it will create Markdown files and download images onto local disk. While this behavior is consistent with the skill's purpose, failing to disclose local writes can surprise users, cause unintended storage use, or overwrite data if output paths are not carefully chosen.

VirusTotal

64/64 vendors flagged this skill as clean.
