Security audit

Wechat Sendmedia

Security checks across malware telemetry and agentic risk

Overview

The skill appears related to file/upload messaging, but its visible replies may expose local file paths and raw upload/debug details.

Install only if you are comfortable with this skill handling local file uploads and external delivery. Before use, confirm the exact file and recipient, and avoid sharing failure output publicly because it may include local paths or operational debug details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill requires the final visible reply to include an absolute local filesystem path, which can disclose usernames, directory structure, project names, or sensitive file locations to the chat recipient. In a messaging context, that leakage is unnecessary for successful delivery and may expose host-specific information to external parties.

Missing User Warnings

High
Confidence: 99%
Finding
The failure template directs the assistant to print raw diagnostics such as upload URLs, hosts, context-token presence, encrypted parameter metadata, and raw send responses directly into the visible reply. Those fields can reveal session state, infrastructure details, or operational secrets that could aid account abuse, replay attempts, or further targeting.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.