Back to skill

Security audit

QQBot Send Local Media

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: temporarily copy a user-selected file so QQBot can send it, then remove the temporary copy.

Install only if you want an agent to send specific local files through QQBot. Verify the file path and QQ destination before use, especially for sensitive documents, and keep the bundled staging script unchanged.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill instructs the agent to run a staging script that copies files into a relay directory and later removes the staged copy, which is file-write/delete capability. Because the skill declares no permissions, users and reviewers are not informed that invoking it can modify local filesystem state, creating a trust and safety gap that could be abused or cause unintended side effects.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.