wx-native-builder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): The skill content is purely instructional, providing coding standards (750rpx layout, lifecycle methods) and templates for WeChat Mini Program development. It does not contain executable code, network requests, or sensitive file access.
- [Indirect Prompt Injection] (INFO): The skill is designed to process user-provided code for refactoring or debugging.
- Ingestion points: User-provided WXML/WXSS/JS/TS/JSON code via chat prompts.
- Boundary markers: None present; instructions rely on the LLM's context window to differentiate instructions from user data.
- Capability inventory: Limited to generating code output for display; no subprocess execution, file-system writes, or network operations are defined.
- Sanitization: Not applicable as the skill's purpose is to generate text-based code responses for the user to copy-paste.
Audit Metadata