Cn Social Reply

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed social-media reply helper with a small local style-template manager and no evidence of hidden network, credential, or destructive behavior.

Install only if you are comfortable storing reply-style preferences locally in ~/.qclaw/workspace/cn-social-reply/styles.json. Avoid putting sensitive personal, brand, or account details into saved style templates unless you want them retained on disk.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill instructs the agent to save, load, and delete user style templates from a persistent local JSON file, but it does not clearly warn users that their preferences will be stored on disk or removed permanently. This can create privacy and surprise risks, especially if style templates contain personal branding details, behavioral preferences, or other sensitive metadata the user did not expect to persist.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal