wechat-watch

SUSPICIOUS: the stated purpose matches WeChat monitoring and Feishu push, but the skill expands trust to an unpinned external GitHub service and then uses it for login/session handling. Automatic Feishu delivery is also a high-risk autonomous action, though aligned with the feature set. Main issue is supply-chain and delegated trust, not confirmed malware.