ClawHub

WeChat Video Downloader

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it opens a user-provided WeChat article, extracts an embedded video URL, and downloads the video locally.

Install only if you want an agent to open WeChat article links, click video controls, extract media URLs, and save video files locally. Use it on trusted articles you are authorized to download from, confirm ambiguous video-download requests, and choose safe output filenames and directories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill invokes shell commands (`python`, `curl`) but does not declare corresponding permissions, creating a capability/permission mismatch that can bypass user or platform expectations about what the skill is allowed to do. In this context, the shell is used to fetch remote content and write files locally, which increases risk if the URL or output filename is attacker-controlled or if the script behavior changes over time.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The README clearly describes fetching remote video content and saving it locally, but it does not explicitly warn about the security and privacy implications of downloading untrusted remote media or writing files to disk. In an agent/skill context, missing disclosure can lead users to invoke network and filesystem actions without informed consent, which increases operational risk even if the behavior is expected from the skill's purpose.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger conditions include generic terms such as '微信视频', '公众号视频', and especially '下载视频', which can match requests unrelated to the intended `mp.weixin.qq.com` article workflow. Overbroad activation can cause the agent to invoke a shell-backed downloader in inappropriate contexts, potentially fetching untrusted URLs or performing actions the user did not specifically intend for this skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal