ClawHub

WeChat MP Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill behaves like a disclosed WeChat article monitor, with no evidence of hidden, destructive, or deceptive behavior.

Install only if you are comfortable with the skill fetching URLs you provide, saving watchlist/history data under ~/.wechat_mp_monitor, and posting notification content to a Feishu/Lark webhook if you configure one. Treat webhook URLs as secrets, use the cron examples only if you want ongoing checks, and delete the local data directory when you no longer need the monitor.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation instructs use of environment variables, local file storage, and network/webhook operations, but it does not declare permissions for those capabilities. Undeclared access makes it harder for users or a platform to understand what the skill can do, increasing the risk of unexpected data access, persistence, or outbound transmission. In this context, the behavior is aligned with the skill's purpose, so the issue is primarily transparency and permission-governance rather than hidden malicious functionality.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The markdown tells users to configure Feishu webhooks and states that watchlist/history are stored under the user's home directory, but it does not clearly warn that article metadata or summaries may be transmitted to a third-party service or persisted locally. This can lead to inadvertent disclosure of monitored content or account lists, especially on shared systems or in environments with sensitive tracking targets. The skill context makes the issue somewhat more concerning because monitoring and alerting inherently create records and outbound messages over time.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal