agentbay-monitor-skills

The fragment is a benign-looking Markdown-to-HTML/PDF helper with CJK font embedding and a sentiment-chart SVG generator. There are no explicit malicious behaviors (no exec/eval, no network exfiltration, no shell spawning) in the provided code. However the file is syntactically corrupted/malformed with injected template/Chinese text and undefined placeholders; that is a supply-chain/integrity red flag. Before use, obtain a clean/canonical copy from the upstream repository, inspect other package files for unexpected network operations, and fix the broken template/code. The immediate malware probability is low, but the corruption raises moderate risk until the package integrity is verified.

No explicit malicious code is visible in the provided SKILL.md documentation. The skill’s claimed capabilities (crawl → sentiment → report) and required inputs (keywords, optional browser login, AGENTBAY_API_KEY) are coherent for a monitoring/reporting skill. However, there are supply-chain and privacy concerns: the dependency on an unfamiliar SDK (wuying-agentbay-sdk) and an API key with a managed console imply potential remote communications whose purposes are not documented here. Because the actual scripts and SDK are not included, it is not possible to rule out data exfiltration or unexpected network behavior. Recommended actions before trust: inspect crawl.py/login.py/report.py and the wuying-agentbay-sdk package source to confirm they do not send scraped data or credentials to third-party endpoints, and confirm the exact use of AGENTBAY_API_KEY. Until those are audited, treat the skill as suspicious for potential data exfiltration/privacy risk.