Missing User Warnings
Medium
- Confidence
- 88% confidence
- Finding
- 该 README 明确宣称技能可执行删除、批量删除和认证相关操作,但没有同步提示这些命令会直接修改用户书签数据、可能造成不可逆删除,也没有强调 API Key 属于高敏感凭据。对于会被代理自动执行的 CLI 技能,这种缺失会降低操作者和上层代理对破坏性操作与凭据处理风险的警觉,增加误删数据或泄露凭据的可能性。
Weeko
Security checks across malware telemetry and agentic risk
Overview
This is a straightforward Weeko bookmark-management skill; it uses an API key and can delete bookmarks, but those powers are disclosed and fit the stated purpose.
Install only if you trust the Weeko CLI package and are comfortable giving an agent API-key access to your Weeko bookmarks and groups. Use --dry-run and review exact bookmark or group IDs before update, delete, group delete, or batch operations, and use weeko logout or rotate the API key if the config file may have been exposed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)
Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The skill documents `weeko batch delete --ids ...` as a bulk destructive command without any adjacent warning, confirmation behavior, or strong recommendation to use `--dry-run` first. In an agent-facing skill, this increases the chance that an LLM or user will invoke irreversible deletion at scale based on ambiguous instructions or partial context, causing accidental data loss.
Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The documentation explicitly states that the API key is stored in ~/.config/weeko-cli/config.json, which implies local plaintext persistence of a bearer credential. If the workstation, home directory backups, shared accounts, or permissive filesystem permissions are compromised, an attacker could recover the key and access the user's Weeko account and data.
VirusTotal
66/66 vendors flagged this skill as clean.