wecomcli-doc

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the wecom-cli command-line tool to perform all operations as defined in the SKILL.md and reference documentation.
  • [DATA_EXFILTRATION]: The skill has the capability to read sensitive organizational data from WeCom documents and smartsheets, which is a core function of the integration.
      • Evidence: Tools get_doc_content and smartsheet_get_records provide access to document body and spreadsheet record data.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes document content that may contain untrusted instructions.
      • Ingestion point: get_doc_content (documented in references/get-doc-content.md).
      • Boundary markers: No explicit boundary markers or instruction-ignoring warnings are present in the command templates.
      • Capability inventory: The agent has the ability to modify content (edit_doc_content) and delete structures or data (smartsheet_delete_sheet, smartsheet_delete_records).
      • Sanitization: No content sanitization or validation logic is specified for ingested data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 02:54 AM