reply-current
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows best practices for communicating with its platform's local API.
- [DATA_EXFILTRATION]: The skill performs local network operations to '127.0.0.1:36111' to send replies. This targets a local loopback address as part of the intended bridge communication architecture.
- [PROMPT_INJECTION]: The skill processes inbound chat data including mentions and quotes from QQ, which serves as a potential surface for indirect prompt injection.
  - Ingestion points: QQ message content and quote blocks are processed to determine the reply target and context.
  - Boundary markers: Structured context blocks such as '[quotemsg:id...]' are used by the bridge platform to delimit external content.
  - Capability inventory: Local network POST for message delivery and file path submission for images and documents stored in '.run/artifacts/'.
  - Sanitization: Includes defensive newline normalization to ensure correct rendering of shell-quoted strings.