add-wechat

SUSPICIOUS. The skill mostly matches its stated purpose of adding a WeChat channel, and there is no clear credential exfiltration or proxying to a third-party endpoint. However, it pulls executable adapter code from an unpinned Git branch tied to whatever `origin` is configured, installs an external client library, and enables autonomous messaging through a personal WeChat account. This is a coherent but moderately risky integration rather than confirmed malware.