ClawHub

WeChat Official Accounts Article Details API

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims, but it handles a reusable API token in ways that can expose it through command arguments and request URLs.

Review before installing. Use only with a scoped, rotatable JustOneAPI token in a trusted environment, avoid logging command invocations, and avoid submitting private article URLs unless you are comfortable sending them to JustOneAPI. Prefer an updated version that reads the token from the environment internally and sends credentials in an Authorization header rather than the URL.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill defines the API token as a query parameter and later appends all query parameters directly into the request URL. Query-string credentials are commonly exposed via logs, browser/history tooling, proxy monitoring, error messages, and analytics systems, so the token can leak beyond its intended recipient even when HTTPS is used.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The manifest sends a user-supplied article URL and an API token to a third-party endpoint without any visible user-facing disclosure about external data transfer. This creates a privacy and trust risk because users may not realize that URLs they provide, which can contain sensitive identifiers or query parameters, are being transmitted outside the system.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill documentation describes sending both an access token and a user-supplied article URL to an external API, but provides no warning, consent language, or data-handling notice. In an agent setting, this can cause users or downstream systems to unknowingly transmit sensitive tokens or private URLs to a third-party service, increasing the risk of credential exposure and unintended data disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal