Skills
skills/d-wwei/agents-to-im/link-to-im/Gen Agent Trust Hub

link-to-im

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts and update packages from the developer's public GitHub repository (d-wwei/Agents-To-IM).
  • [COMMAND_EXECUTION]: Spawns local processes for AI agents (claude, codex, gemini) and executes development utilities such as npm, esbuild, and ffmpeg as part of its core bridging functionality.
  • [REMOTE_CODE_EXECUTION]: Integrates self-update and self-healing modules (update-kit and udd-kit) that can download and apply code changes from the upstream source upon user request or during installation.
  • [DATA_EXFILTRATION]: Transmits message data and session state to messaging platform APIs (Telegram, Discord, Feishu, QQ, WeChat) and optional third-party service providers (ElevenLabs, OpenAI) for voice processing.
  • [PROMPT_INJECTION]: Processes untrusted external input from messaging platforms which creates an indirect prompt injection surface; the skill mitigates this by implementing a permission broker that requires manual user confirmation in the messaging app before the AI agent can execute sensitive tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 01:51 AM