Back to skill

Security audit

issue-request-manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed issue-tracking helper with optional Enterprise WeChat notifications, but users should treat ticket contents and WeChat credentials carefully.

Install only if you are comfortable storing issue data locally and, when enabled, sending selected issue details through Enterprise WeChat. Keep the WeChat Secret out of committed files, verify recipient lists, avoid sending secrets or sensitive customer/security details in ticket notifications, and pin or audit dependencies before production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The guide encourages sending issue titles, descriptions, status, assignee data, and comments to WeCom recipients, but it does not clearly warn that issue contents may contain sensitive business, personal, or security information. In an issue-management skill, this omission increases the chance of unintended disclosure to broader recipient lists, departments, or external-integrated messaging environments.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill describes automated notifications and multi-platform integrations but does not warn users that issue content or metadata may be transmitted to third-party systems. This is dangerous because issue data often contains sensitive operational details, and silent forwarding to external systems can violate privacy expectations, compliance requirements, or internal security policies.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The code sends issue data to an external WeChat service using configured credentials, but provides no explicit consent, disclosure, or data-minimization controls beyond a generic demo label. In an agent skill context, this can cause unintentional exfiltration of issue contents, comments, IDs, or workflow metadata to a third-party platform, especially if operators enable the feature without fully understanding what is transmitted.

Unpinned Dependencies

Low
Category
Supply Chain
Content
python>=3.7

# 数据处理
json5>=0.9.0

# 网络请求(用于微信通知)
requests>=2.25.1
Confidence
86% confidence
Finding
json5>=0.9.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
json5>=0.9.0

# 网络请求(用于微信通知)
requests>=2.25.1
Confidence
94% confidence
Finding
requests>=2.25.1

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
97% confidence
Finding
requests

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.