zhihu-post
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to interact with the Zhihu editor through a browser extension. All operations are performed within the context of the user's existing login session, and no sensitive information is exfiltrated to external servers.
- [COMMAND_EXECUTION]: The skill executes a local Python script (
scripts/zhihu_prepare.py) to process Markdown content. The script uses standard regex for text conversion and does not involve any dangerous functions such aseval(),exec(), or untrusted system calls. - [DATA_EXFILTRATION]: No unauthorized network activity or data exfiltration patterns were detected. All network communication is handled via the Browser Relay extension to the official Zhihu domain.
- [PROMPT_INJECTION]: The skill instructions in
SKILL.mdare purely functional and do not contain patterns intended to bypass AI safety filters or override system instructions.
Audit Metadata