X Manual Surf Notes (手动刷帖笔记)

Security checks across malware telemetry and agentic risk

Overview

This skill clearly does what it says: controls a logged-in X tab to summarize posts into a local notes file, with no hidden code or exfiltration behavior found.

Install only if you are comfortable letting the agent operate an attached logged-in X tab, read your visible For You feed, and append summaries to the specified markdown file. Review or change the output path before use, and do not attach the browser relay to unrelated sensitive pages.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases are unusually broad and map to ordinary user requests like '浏览器刷X' or '写刷帖笔记', which increases the chance of unintended invocation. Because this skill performs browser-driven actions and writes notes to disk, accidental activation could cause browsing and local file modification the user did not explicitly consent to in that moment.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill hard-codes a local file path and instructs the agent to append content there without any explicit user confirmation, path validation, or warning that local state will be modified. This creates a real integrity/privacy risk because an inadvertently triggered run can silently alter local files and accumulate data derived from the user's authenticated browsing session.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal