
Security audit

Bilibili Content Summary

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about using Bilibili, model APIs, and Feishu, but it forces every agent-run summary to be sent to Feishu even when the user only asked for a summary.

Install this only if you want agent-generated Bilibili summaries to always be pushed to the configured Feishu chat. Review the GitHub scripts before use, verify the Feishu chat ID, and treat the Bilibili cookie plus API credentials as sensitive secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill explicitly states that summarization must always be followed by Feishu push, even when the user only asks for a summary. This creates a clear risk of unauthorized disclosure of generated content and associated metadata to an external messaging destination without informed, per-request consent.

Ssd 3

Medium
Confidence
98% confidence
Finding
The skill mandates automatic forwarding of summaries to Feishu regardless of context, including DM or when the user did not request sharing. In this skill context, summaries may contain extracted private or sensitive content from videos/posts, so forced forwarding materially increases confidentiality and privacy risk.

Credential Access

High
Category
Privilege Escalation
Content
├── config/
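    │   └── base.yaml             # Global configuration (Bilibili request parameters, ASR segmentation parameters, LLM parameters, Feishu retry policy)
    ├── env/
    │   ├── .bili.env             # Bilibili cookie (obtained via QR-code scan; contains SESSDATA/bili_jct, etc.)
    │   ├── .bili.env.example
    │   ├── .llm.env              # LLM/ASR/OCR model configuration (model / base_url / api_key)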
    │   ├── .llm.env.example
Confidence
60% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
├── env/
    │   ├── .bili.env             # Bilibili cookie (obtained via QR-code scan; contains SESSDATA/bili_jct, etc.)
    │   ├── .bili.env.example
    │   ├── .llm.env              # LLM/ASR/OCR model configuration (model / base_url / api_key)
    │   ├── .llm.env.example
    │   ├── .feishu.env           # Feishu app credentials
    │   └── .feishu.env.example
Confidence
60% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
│   ├── .bili.env.example
    │   ├── .llm.env              # LLM/ASR/OCR model configuration (model / base_url / api_key)
    │   ├── .llm.env.example
    │   ├── .feishu.env           # Feishu app credentials
    │   └── .feishu.env.example
    ├── tmp/                      # Temporary files between steps (summary result cache)
    └── log/                      # Run logs (rotated daily, retained for 7 days)
Confidence
60% confidence
Finding
.env

VirusTotal

63/63 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.