ClawHub

Weibo User Fans API

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform the advertised Weibo fan lookup, but it handles the API token in ways that can expose it through command arguments and request URLs.

Install only if you are comfortable using a JustOneAPI token for this Weibo lookup and with the token potentially appearing in local command arguments and API request URLs. Prefer a version that reads the token directly from the environment and uses header-based authentication if the provider supports it; handle returned fan profile data as privacy-sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill defines the API access token as a query parameter and later appends it to the request URL. Query-string credentials are risky because they can be exposed in logs, browser/history artifacts, proxy telemetry, monitoring systems, and downstream error reports more easily than header-based secrets. In this skill’s context, the token is sent to a third-party API endpoint, which increases the chance of unintended credential disclosure outside the local execution boundary.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The manifest explicitly sends an API token and a user identifier to an external third-party service, but it does not disclose this data flow or warn users about external transmission and privacy implications. This can lead to unintentional credential exposure, inappropriate sharing of identifiers, and weak informed consent around data handling.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The operation explicitly advertises access to fan profile metadata and verification signals, which are privacy-sensitive attributes, but provides no warning, limitation, or handling guidance for downstream users. In a social-media audience analysis context, this can enable profiling, surveillance, or misuse of personal data if consumers treat the endpoint as ordinary low-risk metadata.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal