信息源监控助手

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill does what it claims, but it handles monitored content and API credentials with disclosure and storage gaps that users should review before installing.

Review this before installing if your feeds, webpages, or WeChat links may contain private or proprietary information. Use environment variables rather than entering API keys into setup, verify the LLM endpoint and Feishu webhook destination, avoid sensitive internal URLs unless you are comfortable sending summaries/content externally, and periodically clean the local digest and state files.

SkillSpector (6)

By NVIDIA

Intent-Code Divergence

Medium

Confidence: 98% confidence
Finding: The license activation logic effectively accepts any key beginning with "CNIM-", despite claiming offline verification. This allows trivial unauthorized elevation from free to pro mode, bypassing usage restrictions and undermining any trust placed in license-gated behavior.

Context-Inappropriate Capability

High

Confidence: 98% confidence
Finding: The activation logic grants Pro access based solely on hardcoded prefixes or a universal unlock code, with no cryptographic verification, server-side validation, or user binding. Anyone who reads or guesses these values can self-upgrade locally, bypassing intended controls; in a hostile supply-chain context, hidden unlock paths also resemble backdoor behavior and reduce trust in the skill.

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill documentation omits a clear warning that monitoring output is written to local Markdown files. This can expose potentially sensitive monitoring results to other local users, backups, or synced folders when users do not realize persistent artifacts are being created.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The description does not adequately warn that monitored content may be sent to external webhook destinations such as Feishu. This creates a privacy and data-handling risk because third-party or internal content could be forwarded outside the local environment without users understanding the destination and sensitivity implications.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill notes dependence on an external LLM API but does not clearly warn that source content may be transmitted externally for summarization. This is a meaningful privacy risk because monitored articles, feeds, or internal URLs could contain proprietary or sensitive information that leaves the user's environment.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The code sends article title/content to a configurable external LLM endpoint, which can expose sensitive or proprietary source material to third-party services without explicit disclosure, consent, or data-handling controls. Because `base_url` is environment-controlled, deployments may unintentionally forward data to untrusted endpoints, increasing data leakage risk in this monitoring/summarization context.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal