ClawHub

Wechat Mini App

Security checks across malware telemetry and agentic risk

Overview

The skill mostly provides WeChat Mini Program templates, but it also includes an unrelated content-writing script that quietly stores command inputs locally.

Review before installing or invoking. The WeChat Mini Program template script appears low risk, but the bundled content-writing script is off-purpose and can retain input text in a local history file. Avoid passing secrets or private drafts to it, and check or clear ~/.local/share/wechat-mini-app/history.log if you have used it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger description is extremely broad ('Use when you need wechat mini app capabilities' and related generic keywords), which can cause the skill to activate in loosely related contexts rather than only when the user explicitly wants this tool. Over-broad activation increases the chance of inappropriate routing, unexpected tool invocation, and user confusion, especially in automation pipelines where ambiguous matching can have downstream effects.

Vague Triggers

Low
Confidence
86% confidence
Finding
The usage guidance is too vague because it states the tool is suitable for 'anyone who needs wechat mini app helper,' which does not meaningfully constrain when the skill should be selected. This ambiguity can cause accidental invocation or over-selection of the skill, though the impact is lower because it is descriptive guidance rather than an execution instruction.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script logs user-supplied command arguments to a persistent history file without explicit notice or consent. Because these arguments may contain sensitive draft text, personal data, credentials pasted by mistake, or proprietary content, local persistence creates an avoidable privacy and data exposure risk, especially on shared systems or in backups.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal