WeChat Official Account Viral Article Search (红狐数据)

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but needs review because it sends user queries to an external service over HTTPS with certificate verification disabled.

Review before installing. Do not submit confidential campaign plans, client names, or sensitive personal topics as keywords unless you are comfortable sending them to the external data provider. Treat generated article links and HTML as untrusted until the TLS verification issue is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 89%
Finding
The workflow creates an internal contradiction: it says the agent must not call any script for generic terms before user confirmation, yet the sample text states it has already queried recent trends when offering expansion suggestions. In an agent setting, this ambiguity can cause premature tool execution, violating user-consent and control expectations and potentially triggering unintended external requests or data access.

Missing User Warnings

Medium
Confidence: 85%
Finding
User-supplied keywords and optional dates are transmitted to a third-party endpoint without any consent, warning, or privacy disclosure. In an analytics skill, query terms may contain sensitive business topics, campaign plans, or personal data, so silent exfiltration to an external service creates a real privacy and data-governance risk.

VirusTotal

VirusTotal findings are pending for this skill version.
