wechat-to-md

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's MCP tools (see wechat_to_md/mcp_server.py: convert_article and batch_convert) fetch and render public WeChat article pages from https://mp.weixin.qq.com/ using fetch_page_html (wechat_to_md/scraper.py) and return/convert that untrusted, user-generated content for the agent to read, which could contain instructions that influence subsequent agent actions (also documented in SKILL.md/README for AI integration).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill requires and imports the camoufox package (referenced as https://github.com/nichochar/camoufox) and the README/SKILL.md explicitly state "Camoufox browser will be auto-downloaded on first run," which is a runtime fetch of a remote browser binary that will be executed, making it a required runtime download of external code.