Security audit

qywx-msg-sender

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it stores and prints WeCom webhook URLs that act like credentials without clearly warning users or protecting them.

Install only if you are comfortable managing WeCom webhook URLs as secrets. Store the registry with restrictive permissions, avoid sharing terminal output or logs from registration/listing commands, prefer environment or protected secret storage over command history where possible, and rotate any webhook URL that may have been exposed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (3)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The documentation instructs users to store Enterprise WeChat webhook URLs and chat identifiers in a local registry file and environment variables, but it does not warn that webhook URLs function as bearer secrets. If the registry file, shell history, logs, screenshots, or examples leak, an attacker could send unauthorized messages to internal chats, causing phishing, alert spoofing, or information disclosure through trusted channels.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The script accepts a WeCom webhook URL, which is effectively a secret bearer credential, and its help text encourages users to pass it directly as a command-line argument. Command-line arguments can be exposed through shell history, process listings, logs, and copied documentation, increasing the chance of credential disclosure and unauthorized message sending. In this skill context, that is more dangerous because the tool is specifically designed to register and persist webhook endpoints for later notification use.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The registration function prints full webhook URLs and chat IDs to stdout, which can leak secrets into terminal scrollback, shell history captures, CI logs, or centralized logging systems. A leaked WeCom webhook URL can allow unauthorized parties to send messages into the target chat, enabling spam, phishing, or alert-channel abuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.