Security audit
WeChat MP Skyline to WebView Migrator
Security checks across malware telemetry and agentic risk
Overview
This skill is a narrow WeChat Mini Program migration helper whose file reads, project edits, and verification steps match its stated purpose.
Before installing, understand that this skill is meant to modify a target mini program's renderer configuration and may use vince-mp to capture screenshots and pageData for verification. Use it in a git-backed project so the app.json/page-json edits are easy to review and roll back; do not treat the included validation-harness claims as necessary for normal use.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.