Liurun Fetcher

Security checks across malware telemetry and agentic risk

Overview

The skill is a mostly coherent article fetcher, but it can browse and save files from broad trigger words while also using and storing personalized financial holdings context.

Install only if you want an automated Liu Run WeChat/Sogou fetcher that stores article material locally. Use a dedicated browser profile if possible, confirm before enabling any cron schedule, and avoid allowing Trade Arena or other portfolio data to be included unless you are comfortable with that information being saved in the articles folder.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger conditions are broad enough that normal conversation about Liu Run, public-account summaries, or general business news could activate the skill without clear user intent. Because the skill performs web access and writes files, accidental activation can lead to unintended browsing and persistence of collected content.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill persistently stores both raw article text and generated summaries to local files without any user-facing notice, consent, or retention controls. Silent local writes create privacy, data governance, and disk persistence risks, especially if summaries incorporate user-specific information such as holdings.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal