Back to skill

Security audit

Wechat API Lite

Security checks across malware telemetry and agentic risk

Overview

This is a coherent WeChat Official Account helper, but users should protect the local credentials and cached access token.

Install only if you intend to automate WeChat Official Account draft and media workflows. Keep config.env and scripts/.token_cache private, set restrictive permissions where possible, do not commit or paste credentials/tokens, and review draft JSON and selected image paths before running upload or create-draft commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README instructs users to store AppID and AppSecret in a local config file without any guidance on securing that file, avoiding commits, or setting restrictive permissions. While this is common setup practice, omission of credential-handling precautions increases the chance of accidental secret exposure through source control, backups, or multi-user systems.

Vague Triggers

Medium
Confidence
80% confidence
Finding
Broad triggers such as '公众号 API', '微信发布', and 'wechat api' can cause the skill to activate for generic WeChat-related requests beyond the user's intended scope. That increases the chance of inappropriate invocation of a credential-using, network-capable skill in unrelated conversations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation instructs users to place AppID and AppSecret into a local config file and use them for remote API calls, but it does not provide any warning about secret sensitivity, storage protections, or outbound transmission. This omission raises the risk of credential leakage through permissive file permissions, backups, shell history, screenshots, or misuse by other local processes.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The script transmits the WeChat app secret to the remote token endpoint without any explicit disclosure to the user at execution time, and it does so by placing the secret in the URL query string. Secrets in URLs are more likely to be logged by proxies, monitoring tools, shell history wrappers, or debugging output, increasing accidental exposure risk.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The script caches the access token to a local file without setting restrictive file permissions or warning the user. A token cached in a predictable location can be read by other local users or inadvertently committed, enabling unauthorized API use until expiration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.