wechat-multi

Fail

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: HIGH (COMMAND_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on elevated privileges to clone applications and re-sign binaries in the /Applications directory. It instructs users to add a NOPASSWD entry to the sudoers configuration, allowing the bash interpreter to run the skill's script with root privileges without a password.
  • [COMMAND_EXECUTION]: The script file (~/.claude/skills/wechat-multi/scripts/wechat-multi.sh) is located in a directory writable by the user. This configuration allows for trivial privilege escalation, as the script can be modified to include malicious commands and then executed via sudo to achieve full system compromise.
  • [COMMAND_EXECUTION]: The execution script removes macOS security attributes, specifically the com.apple.quarantine flag, and performs deep ad-hoc code signing on the application clones. This process bypasses standard system integrity and security checks for the resulting application instances.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 19, 2026, 07:15 AM