wechat-post-publisher
Fail
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The syntax highlighting component (super-md) uses dynamic
import()to fetch and execute JavaScript files from a remote Aliyun CDN (cdn-doocs.oss-cn-shenzhen.aliyuncs.com) at runtime based on user-supplied content. - [COMMAND_EXECUTION]: The skill utilizes osascript (macOS), PowerShell (Windows), and xdotool/ydotool (Linux) to send system-level keystrokes and manipulate system event sessions to bypass browser automation restrictions.
- [COMMAND_EXECUTION]: The skill dynamically generates, writes, and executes Swift scripts on macOS to perform system-level clipboard operations for image and HTML content.
- [COMMAND_EXECUTION]: The skill automates a Google Chrome instance using the Chrome DevTools Protocol (CDP), executing arbitrary JavaScript code within the browser context to interact with the WeChat Official Account platform.
- [EXTERNAL_DOWNLOADS]: The skill downloads remote files from arbitrary user-provided URLs using the http and https modules to process images for publishing.
- [EXTERNAL_DOWNLOADS]: The PlantUML extension sends user diagram content to a remote server (plantuml.com) and downloads the generated image renders.
Recommendations
- AI detected serious security threats
Audit Metadata