ClawHub

wjx-mcp-use

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Wenjuanxing survey administration skill, but it covers powerful deletion, credential, and SSO actions without enough built-in safety guidance.

Install only if you intend to let an agent operate a real Wenjuanxing account. Use least-privileged credentials, avoid sharing API keys, passwords, participant data, or SSO URLs in chat, and require explicit confirmation with the exact target before any deletion, export, admin change, response clearing, or SSO generation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description includes very broad trigger terms such as common words for forms, surveys, collection, and analysis, which can cause the skill to activate in unrelated conversations. In an agent environment, unintended invocation can route user requests into high-privilege survey, contact, response-query, or SSO workflows, increasing the chance of data access or destructive actions being taken out of context.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill documents SSO link-generation tools, including links that may embed or convey authenticated access context, but provides no warning about treating generated URLs as sensitive secrets. If users copy, log, or share these URLs insecurely, they could enable unauthorized account access, impersonation, or leakage of participant identifiers and redirect targets.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
This section documents participant-management operations that include credentials such as upass and irreversible deletion, but lacks privacy and secure-handling guidance. In an agent context, this increases the chance that passwords or participant data are passed in plaintext, retained in conversation history, or used in bulk-destructive operations without adequate safeguards.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The document exposes a clearly destructive operation, `clear_responses`, described as irreversible, but provides no procedural safety guidance such as explicit confirmation, authorization checks, scope validation, backup/export recommendations, or examples of safe usage. In an agent skill context, documentation often drives tool invocation behavior, so omission of guardrails increases the chance that an agent or user triggers mass data deletion accidentally or under prompt manipulation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document exposes a destructive `delete_survey` operation, including an irreversible `completely_delete` option, but does not clearly require user confirmation or warn the operator about permanent data loss before use. In an agent skill context, documentation strongly influences autonomous tool selection, so omission of explicit safety guidance increases the chance of accidental or unauthorized destructive actions.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The `clear_recycle_bin` operation can permanently remove recoverable surveys, yet the documentation does not prominently state that this eliminates recovery options or that confirmation should be obtained first. Because this is an operational MCP skill, an agent may treat the tool as routine maintenance and invoke it without sufficient caution, causing bulk data loss.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal