wechat-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads user-generated WeChat messages via wxauto.GetAllMessage (Windows) and extractMessages/Accessibility API (macOS) and sends those message contents to the Orchestrator, so it ingests untrusted third-party user content (WeChat chat messages) as part of its runtime workflow.