tencent-news

Security checks across malware telemetry and agentic risk

Overview

This Tencent News skill is mostly coherent, but it directs installation and update through remote scripts that execute immediately on the user's machine, so it belongs in Review.

Install only if you trust the TencentNews publisher and the hosted installer endpoint. Prefer downloading the installer first, inspecting it, and verifying a publisher-provided checksum or signature before running it. Be aware that setup or fallback update can execute code with your user privileges, install or update a persistent CLI under your account, modify shell environment settings, and manage a Tencent News API key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (7)

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
The declared purpose is a news lookup tool, but the skill also performs installation, updates, environment inspection, and API key management. That expanded operational scope increases the attack surface and can lead users or orchestrators to grant more trust than warranted, especially because installation/update flows and caller-metadata injection affect the local environment beyond simple content retrieval.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guide instructs users to pipe a remotely fetched script directly into a shell/PowerShell interpreter, which executes unreviewed code immediately with the user's privileges. This removes any meaningful opportunity to inspect the script, verify integrity, or detect CDN/server compromise, making supply-chain or tampering attacks much more dangerous.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guide instructs users to install or update the CLI by piping a remotely fetched script directly into a shell, without any integrity verification, pinning, or safety warning. This is dangerous because compromise of the CDN, origin, DNS, TLS termination, or the published script itself would immediately lead users to execute attacker-controlled code on their systems.

External Script Fetching

High
Category
Supply Chain
Content
Open a terminal and run the following command:

```sh
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh
```

The script automatically completes: detect system and architecture → download the CLI → verify → configure environment variables → check API Key status.
Confidence
99% confidence
Finding
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh

External Script Fetching

High
Category
Supply Chain
Content
macOS / Linux:

```sh
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh
```

Windows:
Confidence
99% confidence
Finding
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
Open a terminal and run the following command:

```sh
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh
```

The script automatically completes: detect system and architecture → download the CLI → verify → configure environment variables → check API Key status.
Confidence
98% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
macOS / Linux:

```sh
curl -fsSL https://mat1.gtimg.com/qqcdn/qqnews/cli/hub/tencent-news/setup.sh | sh
```

Windows:
Confidence
99% confidence
Finding
| sh

VirusTotal

VirusTotal findings are pending for this skill version.
