Back to skill

Security audit

ssai-dailymoments

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: generate WeChat Moments marketing copy and images, with disclosed scheduling, MiniMax API use, and local history storage.

Install only if you are comfortable enabling scheduled content generation, paying for or using a MiniMax-compatible image API, sending generated prompts to that provider, and keeping a local history file until you delete or manage it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases "朋友圈" and "发朋友圈" are broad, common conversational terms and the skill is configured for automatic invocation. This can cause unintended execution during ordinary chat, leading to unplanned content generation, external API use, and file/history writes without a clear confirmation step.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that it permanently stores all historical content in `history.json`, but does not present a clear user-facing retention notice, consent flow, or deletion policy. Persistent storage of generated content and usage history can create privacy, compliance, and unexpected data accumulation risks over time.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs use of a third-party MiniMax image API but does not clearly warn users that prompts and related content will be transmitted outside the local environment. Even if the content is marketing-oriented, external transmission without prominent disclosure creates privacy and trust risks, especially when automation and scheduled runs are involved.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.