Back to skill

Security audit

Sentiment Compass

Security checks across malware telemetry and agentic risk

Overview

This is a coherent social-media sentiment-monitoring skill, but users should understand that it stores data locally and can send monitored text to configured external services.

Install only if you are comfortable with public-content scraping, plaintext local config storage, and sending monitored text or alert summaries to GLM-4, Feishu, SMTP, and the license-validation service when those features are used. Use dedicated API keys/webhooks, avoid sensitive keywords where policy or privacy rules apply, review platform terms, and consider isolating the runtime or adding stricter webhook/domain validation for production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
})

        try:
            result = subprocess.run(
                ["curl", "-s", "-X", "POST", webhook,
                 "-H", "Content-Type: application/json",
                 "-d", json.dumps(body, ensure_ascii=False)],
Confidence
89% confidence
Finding
result = subprocess.run( ["curl", "-s", "-X", "POST", webhook, "-H", "Content-Type: application/json", "-d", json.dumps(body, ensure_ascii

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README documents Feishu webhook and SMTP alerting for sentiment-monitoring results but does not disclose that monitored content, excerpts, or metadata may be sent to third-party services outside the primary system. In a social-media monitoring tool, alerts may include sensitive brand, user-generated, or reputational data, so missing disclosure increases the risk of unintended data sharing and unsafe deployment by operators.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill stores scraped posts, analysis results, and configuration locally in SQLite/JSON, but the description does not clearly warn users that monitored content is retained on disk. This can expose sensitive business monitoring targets, collected social content, webhook settings, or report history to other local users, backups, or compromised hosts.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill sends scraped post/comment text to the external GLM-4 API for sentiment analysis without prominently warning users that monitored content leaves the local environment. This creates a meaningful data exposure risk, especially when monitoring may include competitor intelligence, customer complaints, internal watchlists, or regulated personal data embedded in public posts.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill forwards alert content, including keywords, post titles, platforms, and authors, to third-party notification channels such as Feishu or email without a clear warning. That can leak monitored subjects and potentially sensitive reputational intelligence to external systems, misconfigured group chats, or insecure mail infrastructure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Collected post content is sent to the external GLM API for sentiment analysis without any disclosure, consent, redaction, or policy gate in the execution path. Because this tool monitors social content and may process sensitive or regulated text, silent third-party transmission creates a real privacy and data-governance risk.

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Sentiment Compass dependencies
playwright>=1.40.0
beautifulsoup4>=4.12.0
jieba>=0.42.1
requests>=2.31.0
Confidence
95% confidence
Finding
playwright>=1.40.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Sentiment Compass dependencies
playwright>=1.40.0
beautifulsoup4>=4.12.0
jieba>=0.42.1
requests>=2.31.0
Confidence
95% confidence
Finding
beautifulsoup4>=4.12.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
# Sentiment Compass dependencies
playwright>=1.40.0
beautifulsoup4>=4.12.0
jieba>=0.42.1
requests>=2.31.0
Confidence
93% confidence
Finding
jieba>=0.42.1

Unpinned Dependencies

Low
Category
Supply Chain
Content
playwright>=1.40.0
beautifulsoup4>=4.12.0
jieba>=0.42.1
requests>=2.31.0
Confidence
98% confidence
Finding
requests>=2.31.0

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
97% confidence
Finding
requests

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.