Security audit

WeChat Official Accounts User Published Posts API

Security checks across malware telemetry and agentic risk

Overview

This is a narrow JustOneAPI helper, but it handles the user’s API token in ways that can leak it through command arguments or request URLs.

Install only if you are comfortable using a JustOneAPI token with this helper. Prefer a version that reads the token from a secret store or environment variable internally and avoids putting it in command-line arguments or URL query strings; rotate the token if it may have been exposed in shell history, logs, proxies, or monitoring tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The code appends the API token as a query parameter, which exposes the credential in URLs. Query strings are commonly logged by proxies, servers, browser history, monitoring tools, and error messages, increasing the chance of unintended credential disclosure even when HTTPS is used.

Vague Triggers

Low
Confidence
88% confidence
Finding
The operation description is generic and does not specify when the action should be invoked, what user authorization is required, or what safety checks should precede sending the request. In an agent context, overly broad API descriptions can enable unnecessary or unintended data retrieval from external services, especially when paired with sensitive identifiers like wxid.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The parameter documentation notes that both an access token and a WeChat account identifier are sent as query parameters to an external API, but it does not warn users or integrators that these values leave the local trust boundary. This increases the risk of inadvertent credential exposure, logging leakage, and privacy-sensitive account lookups without informed consent.

Credential Access

High
Category
Privilege Escalation
Content
"parameters": [
        {
          "defaultValue": null,
          "description": "Access token for the API.",
          "enumValues": [],
          "location": "query",
          "name": "token",
Confidence
96% confidence
Finding
Access token

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical
Code
suspicious.secret_argv_exposure
Location
SKILL.md:41