wxpay-product-coupon
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions primarily as a knowledge base and code repository for WeChat Pay integration.
- [SAFE]: The skill's global rules explicitly forbid the AI from using file-writing tools (
write_to_file,replace_in_file) or generating code from scratch, mitigating the risk of unauthorized system modifications. - [SAFE]: All code examples for Java and Go use clear placeholders (e.g., 'xxxxxxxx', '/path/to/apiclient_key.pem') instead of hardcoded sensitive credentials.
- [SAFE]: Network operations defined in the utility classes target legitimate and well-known official domains belonging to WeChat Pay (
api.mch.weixin.qq.com). - [SAFE]: No patterns of obfuscation, persistent mechanisms, or privilege escalation were detected in the skill's instructions or supporting scripts.
Audit Metadata