wecomcli-meeting
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
wecom-clicommand-line utility to perform meeting management tasks such as creating, listing, and canceling meetings. These operations are consistent with the skill's stated purpose and use structured JSON parameters for input. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from external sources (WeCom meeting details). While it lacks explicit boundary markers or sanitization instructions for this data, the capabilities are limited to meeting management and the risk is considered low in the context of a dedicated administrative tool.
- Ingestion points: Meeting titles, descriptions, and location data are retrieved via
get_meeting_infoinSKILL.md. - Boundary markers: None identified in the prompt instructions for tool outputs.
- Capability inventory: File system access is limited to the
wecom-clibinary; network operations are encapsulated within the CLI tool; meeting modification/cancellation is supported. - Sanitization: No specific sanitization or escaping logic is defined for the interpolated meeting content.
Audit Metadata