Bilibili Messager | B站私信助手
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Bilibili private-message browser automation skill that requires a logged-in browser profile and user confirmation before sending messages.
Install only if you are comfortable letting the agent use a logged-in Bilibili session to view private messages and prepare/send DMs. Use the dedicated OpenClaw browser profile, verify the active account, review the recipient and full message before confirming any send, and avoid exposing highly sensitive conversations.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
61/61 vendors flagged this skill as clean.