wecomcli-get-todo-detail
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill correctly identifies its dependency on the 'wecom-cli' binary and uses it to perform operations within its stated scope.
- [COMMAND_EXECUTION]: The skill executes 'wecom-cli' commands to fetch todo details and contact information. This is the intended behavior for a CLI-integrated skill and does not involve arbitrary or dangerous command execution.
- [DATA_EXPOSURE]: The skill processes todo and contact IDs. It follows best practices by instructing the agent to resolve internal IDs to human-readable names using a lookup mechanism. No sensitive credentials or unauthorized network exfiltration patterns were observed.
Audit Metadata