wechat-daily-report
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires several external Python libraries (jieba, jinja2, playwright) and downloads the Chromium browser via Playwright to render the report image. These are standard dependencies for the tool's stated purpose.
- [COMMAND_EXECUTION]: The skill executes system commands to install dependencies (
pip install,playwright install) and runs Python scripts (analyze_chat.py,generate_report.py) to process data and generate the output. These operations are transparently documented in the SKILL.md and README.md and are necessary for the skill's functionality. - [DATA_EXPOSURE]: The skill processes user-provided WeChat chat logs. Analysis is performed locally on the user's machine, and temporary files created during the process (stats.json, simplified_chat.txt) are optionally deleted using the
--clean-tempflag. No evidence of data exfiltration to remote servers was found. - [TRUST_SCOPE_RULE]: References to the author's own GitHub repository (leonense22) for documentation and zip downloads are considered vendor-owned resources and do not escalate the verdict.
Audit Metadata