WeChat Share
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed workspace file-sharing skill that uploads selected files to a temporary db9 share and imports them only after preview and validation.
Install this only if you intend to share workspace files through db9. Review the exact export list, avoid sharing secrets unless you explicitly mean to, treat the db_id/api_token as sensitive, preview before importing, and import agent/config files only from sources you trust.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.