AI DevBlog Factory

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed automation for gathering public tech news, generating a report, and publishing it to Feishu; the main risk is accidental sharing if run without draft mode.

Before installing, review the dependent skills that do the actual scraping and Feishu writes. Run with draft mode first, verify the destination folder and Feishu permissions, and enable cron or notifications only after confirming the generated content is safe to share in that workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill claims Feishu documents are 'default creator-only visible', but the actual workflow sets `grant_to_requester: true`, which automatically shares the generated document with the requester. This mismatch can cause unintended disclosure of generated content, especially if the blog includes internal summaries, private feed content, or organization-specific analysis.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README repeatedly states that generated content will be automatically published to Feishu, but it does not clearly and prominently warn that data collected from external sources and AI-generated output will be sent to a third-party workspace/service. This can lead to unintended data disclosure, compliance issues, or accidental publication in an organization workspace, especially when users treat the skill as a local content-generation tool rather than an outbound publishing workflow.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger phrases are broad, generic terms such as '开发博客', '技术周报', and '生成周报', which can overlap with ordinary user conversation. In agent environments with automatic skill routing, this increases the chance of accidental activation, causing unintended network fetches, content generation, and publication actions.

Vague Triggers

Medium
Confidence: 88%
Finding
The activation guidance shows examples like '生成今日技术博客' and '技术周报生成' but does not define strict activation boundaries, confirmation requirements, or non-trigger cases. Because this skill performs external data collection and publishes to Feishu, ambiguous invocation rules materially raise the risk of unintended execution and data sharing.

VirusTotal

66/66 vendors flagged this skill as clean.