▥AGENT LAB: SKILLS — FEB 26 NYCNYC

skills/geekjourneyx/md2wechat-skill/md2wechat/Snyk

md2wechat

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads and ingests content from arbitrary online URLs (e.g., the download_and_upload "https://example.com/image.png" command) and also calls external services/APIs (API mode using md2wechat.cn and external IMAGE_API providers) so it consumes untrusted third‑party content as part of its runtime workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The run.sh wrapper auto-downloads and executes a platform-specific binary at runtime from the GitHub releases URL pattern (e.g. https://github.com/geekjourneyx/md2wechat-skill/releases/download/v1.10.0/), meaning remote executable code is fetched and run as a required dependency.

Audit Metadata

Risk Level

MEDIUM

Analyzed

Feb 15, 2026, 08:52 PM