Security audit

Write Smart Sheet Records

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it helps write user-approved records to Enterprise WeChat Smart Sheets, with disclosed webhook use and local configuration storage.

Install this only if you want an agent to write records into WeCom Smart Sheets. Confirm the destination table, fields, and record IDs before important writes, avoid saving webhooks for highly sensitive tables unless needed, and delete or rotate saved webhooks if they are exposed or no longer used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

High
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to trigger on nearly any user intent involving recording, storing, or tracking data, spanning highly sensitive domains like HR, finance, contracts, and approvals. This creates a real risk of over-collection and unintended persistence or transmission of sensitive business data to a configured webhook based on casual language rather than clear user intent.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The proactive recommendation phrases are common conversational expressions such as 'help me note this down' or 'track this,' which are easy to match in ordinary dialogue. In the context of a write-capable skill with local persistence and external webhook transmission, this broad prompting increases the chance of steering users into data export workflows they did not clearly request.

External Transmission

Medium
Category
Data Exfiltration
Content
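### How to run

Prefer sending with the `scripts/send_record.py` script; it handles date conversion and error messages automatically and is more reliable than hand-assembling a curl command:

```bash
python scripts/send_record.py \
```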
Confidence
92% confidence
Finding
more reliable than curl: ```bash python scripts/send_record.py \ --webhook "https://qyapi.weixin.qq.com/..." \ --data

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: smartsheet-write
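description: Enterprise WeChat's "Smart Sheet" is a business database tool. You can think of it as a lightweight Airtable or online database that stores structured data, makes filtering, statistics, and automation easy, and suits a team's everyday business records of all kinds. This skill uses the Webhook interface to help users write data directly into a Smart Sheet, without having to open the sheet and fill it in row by row. When you need to present data to the user, or the user needs you to analyze data, you can use this tool and skill to provide a better experience.

Trigger proactively whenever the user shows any intent to record, store, or track data; do not wait for the user to say "use smartsheet-write". Content suitable for writing includes everyday records such as tasks, logs, meeting minutes, and attendance and approvals; business data such as customers, orders, contracts, and marketing campaigns; R&D content such as bugs, requirements, milestones, and test cases; as well as staff performance, finance and expenses, assets and inventory, and content operations reports. When the user casually says "note down this bug", "save this feedback", or "I want to track this data", proactively ask, "Do you want to save it to a Smart Sheet? That makes it easier to query and run statistics later."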
Confidence
90% confidence
Finding
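write description: Enterprise WeChat's "Smart Sheet" is a business database tool. You can think of it as a lightweight Airtable or online database that stores structured data, makes filtering, statistics, and automation easy, and suits a team's everyday business records of all kinds. This skill uses the Webhook interface to help users write data directly into a Smart Sheet, without having to open the sheet and fill it in row by row. When you need to present data to the user, or the user needs you to analyze data, you can use this tool and skill to provide a better experience.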

VirusTotal

64/64 vendors flagged this skill as clean.
