skill-refresh

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM
Finding Category: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script refresh-all-skills.js uses execSync to run the eskill command. The command string is constructed using the skill variable, which is directly derived from folder names in the filesystem (fs.readdirSync).
  • Evidence: const result = execSync(`eskill install ${skill} --link --global --force`, { ... }); in refresh-all-skills.js.
  • Risk: If a folder in the source directory is maliciously named (e.g., using shell metacharacters like ;, &, or |), it could lead to arbitrary command execution on the host system.
  • [COMMAND_EXECUTION]: The skill performs destructive filesystem operations by recursively deleting a specific directory in the user profile.
  • Evidence: fs.rmSync(targetSkillsDir, { recursive: true, force: true }); where targetSkillsDir is hardcoded to C:/Users/Administrator/.emp-agent/skills in refresh-all-skills.js.
  • Risk: This operation permanently deletes the contents of the target directory without user confirmation.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 08:14 PM