weibo-skill
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill facilitates access to public social media data through official mobile API endpoints. It does not attempt to access sensitive local files, hardcode credentials, or exfiltrate private data.
- [EXTERNAL_DOWNLOADS]: The skill lists 'httpx' as a dependency. This is a well-known, reputable Python library used for making HTTP requests and is considered a safe external dependency.
- [PROMPT_INJECTION]: The skill ingests untrusted third-party content from Weibo (such as user comments and posts). While this creates an ingestion point for potential indirect prompt injection, the skill does not possess dangerous capabilities like arbitrary command execution or file system write access that would be necessary to exploit such an injection.
Audit Metadata