Skills
skills/jimliu/baoyu-skills/baoyu-post-to-weibo/Gen Agent Trust Hub

baoyu-post-to-weibo

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The paste-from-clipboard.ts script is vulnerable to AppleScript injection in the pasteMac function. The targetApp parameter is interpolated directly into an AppleScript string without any sanitization before being executed via osascript. If an attacker can influence the application name, they could execute arbitrary system commands on macOS.
  • [EXTERNAL_DOWNLOADS]: The md-to-html.ts script contains a downloadFile function that fetches images from remote HTTPS URLs provided in Markdown content. This behavior allows the skill to perform arbitrary network requests to download and store files on the local system.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md entry point instructs the agent to use npx -y bun, which dynamically downloads and installs the Bun runtime from the npm registry if it is not already present, representing an unverifiable external dependency at runtime.
  • [COMMAND_EXECUTION]: The copy-to-clipboard.ts and paste-from-clipboard.ts scripts execute platform-specific commands (PowerShell, AppleScript, xdotool) to manage system clipboard operations. While necessary for the skill's functionality, these operations involve spawning shell processes and manipulating system state.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 9, 2026, 09:46 PM