viral-content-factory

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run to execute local Python scripts and a Node.js-based screenshot tool (capture.js) for core functionality related to layout rendering and theme extraction.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from several well-known services (Weibo, Baidu, Toutiao, 360 Search) to identify trending topics and perform SEO analysis. It also interacts with official APIs for WeChat and multiple AI image generation providers.
  • [CREDENTIALS_UNSAFE]: The tool handles sensitive credentials, including WeChat AppID/Secret and various AI service API keys, which are stored in local configuration files (config.yaml). While this follows common practices, the skill's broad functionality involves frequent use of these secrets across network operations.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection: it ingests untrusted data from the web (trending topics, SEO suggestions) and user-provided articles, then interpolates that data into prompts without explicit sanitization or strict boundary markers.
      • Ingestion points: Data enters the context via scripts/fetch_hotspots.py, scripts/seo_keywords.py, and scripts/fetch_article.py.
      • Boundary markers: Most templates have no markers to isolate untrusted data from instructions.
      • Capability inventory: The skill possesses significant capabilities, including shell execution (Bash), network access (WebSearch, WebFetch), and extensive file operations (Read, Write, Edit).
      • Sanitization: No evidence of escaping or filtering of external content was observed prior to its use in generating content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 04:37 PM