Zhihu

Security checks across malware telemetry and agentic risk

Overview

This skill transparently lets an agent use your Zhihu API credentials to read and change Zhihu content, with no evidence of hidden behavior or data theft.

Install this only if you want an agent to act through your Zhihu API credentials. Review target IDs and content before allowing publish, reaction, comment, or delete commands, and keep the app secret out of logs, shared config, and source control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 84%
Finding
The README explicitly promotes social and potentially destructive actions such as posting, liking, commenting, and deleting comments, but it does not warn users about account-level consequences, moderation risks, rate limits, or the irreversibility of some actions. In an automation skill, this omission increases the chance of misuse, accidental spam, or unintended user-impacting actions because operators may treat the commands as low-risk routine operations.

VirusTotal

52/52 vendors flagged this skill as clean.
