wx-favorites-report

SUSPICIOUS. The install path is mostly legitimate PyPI tooling, but the skill’s core behavior is to weaken app protections, intercept encryption keys, and decrypt a private WeChat database. That footprint is disproportionate to a simple reporting skill and fits high-risk instrumentation/decryption tooling rather than benign visualization alone.