baoyu-post-to-wechat
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill extensively uses Node.js
child_processmodules to facilitate browser automation and system interaction. - It spawns Google Chrome instances with debugging ports enabled for CDP automation in
cdp.tsandwechat-browser.ts. - It executes platform-specific commands for clipboard management, including
osascriptandswifton macOS,powershellon Windows, andxclip/wl-copyon Linux incopy-to-clipboard.ts. - It uses
spawnSyncto orchestrate internal markdown rendering processes andagent-browserfor alternative automation flows. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external resources necessary for content processing.
md-to-wechat.tsfetches remote images from user-provided URLs to prepare them for WeChat upload.utils/languages.tsdynamically loads syntax highlighting grammars from a well-known CDN (OSS Aliyun).- [REMOTE_CODE_EXECUTION]: The documentation and diagnostic scripts reference a common piped installation pattern.
SKILL.mdandcheck-permissions.tssuggest the commandcurl -fsSL https://bun.sh/install | bashto help users install the Bun runtime.- Because this targets a well-known service and requires manual execution by the user during setup, it is classified as a safe instructional reference rather than an automated vulnerability.
- [DATA_EXFILTRATION]: The skill transmits content and credentials to external servers as part of its primary purpose.
wechat-api.tssends article data and media toapi.weixin.qq.com.- These transmissions are directed exclusively to official WeChat endpoints and are required for the skill to function as intended.
Audit Metadata