Back to skill

Security audit

提供海外企业数据、商业数据查询,支持搜索公司与联系人查询服务,帮助用户查找全球企业/海外公司、验证联系人信息、公司邮箱、企业电话、公司职位等,筛选出高质量的 外贸潜在客户 / 外贸线索。助力外贸公司、外贸企业、出口商、采购代理、销售团队发现采购决策者、寻找供应商并加速客户开发 / 获客——所有功能仅需一次搜索即可实现,适用于外贸 B2B找客户、供应商开发与销售线索挖掘。

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it claims, but it handles API credentials and personal contact data in ways users should review carefully before installing.

Install only if you are comfortable with a third-party contact-data service receiving searched company or person identifiers, and with API keys being stored in ~/.upkuajing/.env. Before use, confirm the provider's privacy and legal terms, avoid bulk or unsolicited outreach that may violate law or platform rules, and consider restricting file permissions or moving the API key into a safer secret store.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill directs the agent to read environment variables, access and modify files under the user's home directory, and make network/API calls, yet it declares no explicit permissions or safety boundaries. This weakens user consent and platform control because a caller may not realize the skill can inspect local secrets, persist credentials, and perform billable external actions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill is explicitly designed to retrieve personal and executive contact details, including email, phone, and WhatsApp, for lead generation and background research, but it provides no privacy, legal-use, or purpose-limitation warning. In practice this can facilitate scraping, profiling, spam, or misuse of personal data, especially when combined with company and employment details.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The API reference explicitly supports searching and filtering people by contact availability and demographic attributes such as gender, along with returning counts for phone, email, website, social media, and WhatsApp data, but provides no privacy, consent, lawful-use, or sensitive-data handling guidance. In the context of a lead-generation and people-search skill, this materially increases the risk of misuse for profiling, scraping, unsolicited outreach, and potential noncompliance with privacy laws.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The optional request/response logging writes full API parameters and full API responses to local log files. In this skill's context, those payloads can contain sensitive business and personal data such as contact details, and may also include search criteria or returned records that should not be persisted by default. Even though logging is currently disabled, the implementation creates a latent data-exposure risk if enabled without redaction or user consent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends company/person identifiers to an external contact-data API without any explicit user-facing notice, consent step, or privacy warning. Because this skill is specifically designed to retrieve personal and business contact details, the lack of disclosure increases the risk of unintended transmission of sensitive identifiers and privacy/compliance issues.

Credential Access

High
Category
Privilege Escalation
Content
### **未设置API密钥**
请先检查 `~/.upkuajing/.env` 文件是否有 UPKUAJING_API_KEY;
如果未设置 UPKUAJING_API_KEY API密钥,请提示并让用户选择:
1. 用户有,由用户提供(手动添加到 ~/.upkuajing/.env 文件)
2. 用户没有,你可使用接口进行申请(`auth.py --new_key`),申请到新密钥后,会自动保存到 ~/.upkuajing/.env
等待用户选择;
Confidence
95% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
请先检查 `~/.upkuajing/.env` 文件是否有 UPKUAJING_API_KEY;
如果未设置 UPKUAJING_API_KEY API密钥,请提示并让用户选择:
1. 用户有,由用户提供(手动添加到 ~/.upkuajing/.env 文件)
2. 用户没有,你可使用接口进行申请(`auth.py --new_key`),申请到新密钥后,会自动保存到 ~/.upkuajing/.env
等待用户选择;

### **账户充值**
Confidence
94% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
"envFilePath": str(env_file)
        }

    # 保存到 .env 文件
    try:
        with open(env_file, 'w', encoding='utf-8') as f:
            f.write(f"{API_KEY_ENV}={api_key}\n")
Confidence
86% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
except IOError as e:
        return {
            "success": False,
            "message": f"API密钥申请成功,但保存到 .env 文件失败:{str(e)}。\n请手动设置环境变量 {API_KEY_ENV}。",
            "envFilePath": str(env_file)
        }
Confidence
67% confidence
Finding
.env

Unpinned Dependencies

Low
Category
Supply Chain
Content
httpx>=0.23.0
Confidence
91% confidence
Finding
httpx>=0.23.0

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
scripts/common.py:197