miniprogram-ci
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides templates for Node.js scripts and shell commands designed to automate mini-program builds, previews, and uploads. These operations are intended for execution in local development or CI/CD environments to interface with official WeChat services.
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
miniprogram-cipackage, which is the official tool provided by WeChat for CI/CD integration, from standard package registries like npm, yarn, or pnpm. - [SAFE]: The skill contains explicit security reminders, specifically advising users to exclude private keys from version control using
.gitignoreand recommending the use of CI/CD secrets for sensitive configuration values rather than hardcoding them.
Audit Metadata