Back to skill

Security audit

Zhihu Article Fetcher

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it asks users to store live Zhihu session cookies and uses anti-bot bypass techniques without enough safety guidance.

Install only if you understand that this tool may use your Zhihu logged-in session to fetch articles and may violate site access rules. Do not paste cookies unless you are comfortable treating them like passwords; restrict the file, avoid sharing logs or archives containing it, and rotate or clear the cookies after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation describes concrete capabilities to read local files (`config/cookie.json`), write output files, and make outbound network requests, yet it declares no permissions. This creates a transparency and governance gap: users or platforms cannot accurately assess or constrain what the skill can access, which is especially risky because it handles authentication cookies and performs external scraping.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to manually extract live Zhihu authentication cookies from browser developer tools and store them in a local JSON file, without warning that these are sensitive session credentials. If mishandled, exposed, or reused by other tools, those cookies could enable account takeover, unauthorized access, or privacy breaches tied to the user's Zhihu account.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly promotes bypassing anti-scraping protections via 'authentication downgrade' and 'simulated headers' and supports saving fetched content, but provides no warning about terms-of-service, legal restrictions, rate limiting, or downstream data-handling obligations. In context, this makes misuse more likely and increases the chance of policy violations, account sanctions, or collection of content in ways the site is attempting to prevent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script loads authentication cookies from a local file and automatically transmits them to Zhihu, enabling use of a user's authenticated session without a clear consent boundary or warning. In this skill's context, that is more sensitive because the tool is explicitly designed to bypass anti-bot protections and recommends supplying browser-derived cookies, increasing the risk of unintended credential use or session exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.