wechat-article-maker

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/wechat-agent-browser.ts constructs shell commands using unvalidated article titles and content, then executes them via execSync. This creates a critical command injection vulnerability where a maliciously crafted title could execute arbitrary code on the host machine.
  • [REMOTE_CODE_EXECUTION]: scripts/md/utils/languages.ts dynamically loads and executes remote JavaScript code from cdn-doocs.oss-cn-shenzhen.aliyuncs.com using the import() function.
  • [DATA_EXFILTRATION]: Scripts like scripts/wechat-api.ts access and read sensitive configuration files containing WeChat API credentials (AppID and AppSecret) located at ~/.awesome-skills/.env.
  • [EXTERNAL_DOWNLOADS]: scripts/generate-cover.ts downloads font files from external mirrors at runtime if they are not present locally.
  • [PROMPT_INJECTION]: The link-article publishing workflow in SKILL.md fetches content from untrusted external URLs and processes it with LLM instructions without sanitization or boundary markers, creating an indirect prompt injection surface.
  • [COMMAND_EXECUTION]: scripts/copy-to-clipboard.ts and scripts/paste-from-clipboard.ts generate and execute platform-specific scripts at runtime to interact with the system clipboard.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 11, 2026, 12:29 AM