good-mp-post
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill facilitates legitimate tasks through scripts like upload_media.py, create_draft.py, and publish_article.py. These scripts use the argparse module to handle inputs safely and do not invoke arbitrary shell commands.
- [EXTERNAL_DOWNLOADS] (LOW): The project requires standard Python and Node.js dependencies (e.g., fastapi, requests, sqlalchemy, tsx) from trusted registries (PyPI and npm). These are used for the web server, API requests, and database management.
- [DATA_EXFILTRATION] (LOW): The skill transmits article content and authentication tokens to https://api.weixin.qq.com. While this involves sending data to an external domain, it is the official endpoint required for the skill's stated functionality. No unauthorized data exfiltration was detected.
- [PROMPT_INJECTION] (LOW): As a content publishing tool, the skill may process data from untrusted external sources if an agent is used to summarize web content for publication. This presents a surface for indirect prompt injection.
  - Ingestion points: scripts/create_draft.py (via command line arguments), app/api/articles.py (via API endpoints).
  - Boundary markers: Absent in the article content fields.
  - Capability inventory: File system writes (SQLite, images), Network writes (WeChat API).
  - Sanitization: Uses standard JSON serialization; no specific HTML/Prompt sanitization detected on article content.
Audit Metadata