Security audit

Toutiao GEO Draft Assistant

Security checks across malware telemetry and agentic risk

Overview

This skill coherently helps create and fill a Toutiao draft in a visible local browser, with clear limits that the user must review and publish manually.

Before installing, understand that this skill can operate a visible browser while you are logged into Toutiao and fill content into your draft editor. Review the generated article, title, cover, and facts carefully, use a virtual environment for Playwright, and do not modify it into an auto-publishing or session-saving tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The function claims to only allow reads from the project's output directory, but its actual check only verifies that the target path is under the broader project root. That mismatch means any file anywhere inside the repository can be read if an attacker can influence the filepath argument, potentially exposing configuration, source, secrets, or other sensitive local data.

VirusTotal

57/57 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.