WeChat Article Extract

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward WeChat article extractor whose file and network behavior is disclosed and fits its purpose.

Install if you want an agent to fetch or parse public WeChat articles and save extracted output. Review the source URL and output path before running, and use image downloading only for articles and destinations you trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 94% confidence
Finding: The skill instructs the agent to run a local Python script that reads local HTML files, writes output files, performs network fetching, and invokes shell commands, yet the skill metadata does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or platform may authorize or invoke the skill without the user clearly understanding that filesystem and network access will be used.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger description is very broad, using generic verbs like read, scrape, parse, extract, archive, convert, summarize, or save along with several WeChat-related terms. This can cause the skill to be invoked in situations the user did not intend, increasing the chance of unexpected network requests, local file processing, or output generation on unrelated prompts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal