wecom-get-todo-detail
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses enterprise task data and the corporate contact list. This access is limited to the
wecom_mcptool and is necessary to achieve the primary purpose of displaying readable task information to the user. No unauthorized external transmission was detected.\n- [PROMPT_INJECTION]: The skill processes task descriptions and user names from external tool outputs, which constitutes a surface for indirect prompt injection. However, given the skill's restricted scope and absence of high-risk capabilities like file system modifications or arbitrary command execution, this surface does not pose a significant risk.
Audit Metadata