wechat-article-writer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill fetches and summarizes content from the web, which could contain malicious instructions designed to influence the agent's behavior.
- Ingestion points: Web search results from technical forums, social media, and official documents (File: SKILL.md, Step 1).
- Boundary markers: Absent. There are no instructions provided to the agent to treat search results as untrusted data or to ignore instructions embedded within the retrieved content.
- Capability inventory: None. The skill primarily generates text and does not execute system commands or perform network exfiltration.
- Sanitization: Absent. The search results are summarized and incorporated into the writing process without filtering or escaping.
Audit Metadata