Back to skill

Security audit

微信公众号内容自动生成与发布到草稿箱

Security checks across malware telemetry and agentic risk

Overview

This skill is for WeChat draft automation, but its publishing authority and safety checks are not clearly controlled enough for a public-account workflow.

Install only if you are comfortable giving this workflow access to content-generation and WeChat/Tencent publishing credentials. Before enabling cron or any publish step, require manual review, verify the external WeChat publisher skill, replace the placeholder safety checks with real checks, and confirm exactly which credentials and account permissions are needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises direct publication to the WeChat draft box and automatic image downloads, but it does not prominently warn about outbound network activity or local filesystem writes. In a content publishing workflow, these side effects are especially sensitive because they can push generated or modified content toward a live distribution channel and persist remote assets locally without clear user awareness.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.