Back to skill

Security audit

publish-to-wechat

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal WeChat publishing helper, but it can publish drafts and upload images using WeChat credentials.

Install only if you intend to let an agent publish Markdown content to a WeChat Official Account and upload referenced images to WeChat. Review the article, frontmatter, cover, image paths, and destination account before running publish commands, and provide WeChat credentials through a secure environment or secret manager without printing or storing the secret in chat, files, logs, or source control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly describes direct publication to WeChat Official Accounts and automatic image/material handling, but it does not clearly warn that article text, metadata, local images, and remote image references may be transmitted to third-party WeChat services. In an agent context, this omission increases the risk of unintended data disclosure because an automated system may publish sensitive or internal content without a prominent user-consent or data-destination warning.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill requires WECHAT_APP_ID and WECHAT_APP_SECRET but provides no security guidance on storing, injecting, or protecting these credentials. In an AI-agent workflow, that can lead to unsafe handling of secrets in prompts, logs, shell history, or shared environments, enabling credential exposure and unauthorized access to the associated WeChat account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.