wechat-mp-writer

SUSPICIOUS: the core local article-rendering workflow is coherent with the stated purpose, but the skill materially expands into public posting and external-content ingestion through transitive skills and external script paths. No direct malicious behavior or credential theft is evident here, yet the delegated publish pipeline and skill-to-skill trust chain make it a medium-risk automation skill rather than benign documentation-only tooling.