Back to skill

Security audit

csdn文章发布

Security checks across malware telemetry and agentic risk

Overview

This CSDN publishing skill does what it claims, but it can publish through your logged-in browser profile and automatically alters article content, so it needs careful review before use.

Install only if you are comfortable with the skill using your logged-in Chrome or Edge session to act on CSDN. Prefer a dedicated browser profile logged into only CSDN, run draft-preview first, inspect the full article including the added WeChat QR section, and use publish mode only when you are ready for the post to go live.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill emphasizes reusing an existing logged-in browser session but does not clearly warn that this allows actions to be performed as the current user account and may expose drafts, account state, or other session-linked data. In the context of publishing to a live platform, this increases the risk of unintended posting, modification of private drafts, or privacy-impacting access through session reuse.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script can save drafts and, in publish mode, trigger final publication through existing browser session state with no built-in interactive confirmation, dry-run safeguard, or explicit user acknowledgment. In the context of a publishing skill that reuses logged-in profiles, a mistaken invocation, manipulated arguments, or downstream agent misuse could cause unintended content publication under the user's account.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script launches a persistent browser context pointing at the user's real Chrome/Edge profile directory in the home folder, thereby inheriting cookies, active logins, and other sensitive session state without prominent disclosure or consent at runtime. This increases the blast radius of the automation because any action the script takes occurs with the user's authenticated identity and may expose or alter unrelated browsing data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.