Skills
skills/azure12355/weilan-skills/baoyu-post-to-wechat/Gen Agent Trust Hub

baoyu-post-to-wechat

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The file scripts/md/utils/languages.ts dynamically fetches and executes JavaScript modules for code syntax highlighting from an external CDN (cdn-doocs.oss-cn-shenzhen.aliyuncs.com) using the import() function.
  • [COMMAND_EXECUTION]: Extensive use of shell command execution across multiple scripts to control the environment and system tools.
  • scripts/copy-to-clipboard.ts dynamically generates a Swift script on macOS and executes it using the swift command. It also executes powershell.exe on Windows and xclip/wl-copy on Linux.
  • scripts/paste-from-clipboard.ts uses osascript (macOS), powershell.exe (Windows), and xdotool/ydotool (Linux) to simulate system-wide keystrokes.
  • scripts/cdp.ts and scripts/wechat-browser.ts launch Chrome with various flags including --disable-blink-features=AutomationControlled to bypass bot detection.
  • [EXTERNAL_DOWNLOADS]: scripts/md-to-wechat.ts fetches images from arbitrary remote URLs provided in markdown content using http/https and saves them to a temporary directory on the local disk.
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to prompt the user for WeChat API credentials (WECHAT_APP_ID, WECHAT_APP_SECRET) and store them in .env files located in the project directory or the user's home directory.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 9, 2026, 11:41 PM