Skills
skills/smallnest/langgraphgo/wechat-article-writer/Gen Agent Trust Hub

wechat-article-writer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): Detected an Indirect Prompt Injection vulnerability surface (Category 8). The skill is designed to ingest and process data from external, untrusted sources which could contain malicious instructions.
  • Ingestion points: The skill utilizes the web_fetch tool in Step 1 to retrieve content from user-provided URLs.
  • Boundary markers: Absent. There are no instructions to the agent to treat fetched content as data only or to ignore embedded commands (e.g., 'ignore previous instructions').
  • Capability inventory: The agent has access to web_fetch, exa:web_search_exa for further information gathering, and mem0-memory-mcp for long-term storage of preferences and data.
  • Sanitization: Absent. No logic is present to sanitize or filter the content retrieved from external websites before processing it.
  • EXTERNAL_DOWNLOADS (LOW): The skill performs network operations via web_fetch and exa:web_search_exa. While these are core to the skill's purpose of researching and writing articles, they involve connecting to and downloading data from arbitrary external domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:34 PM