csdn-article-publish
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute a Node.js script (
scripts/csdn_article.js) to perform article management tasks. - [DATA_EXFILTRATION]: The script reads authentication credentials (session cookies and API signatures) from the local
csdn_config.jsonfile and transmits them to the official CSDN API endpoint (bizapi.csdn.net). This is a well-known service, and the operation is necessary for the skill to authenticate with the user's account. - [SAFE]: The skill includes a local, bundled version of the 'marked' library (
scripts/marked.umd.js) to convert Markdown content to HTML before publication. This processing is performed entirely within the local environment. - [SAFE]: The script implements built-in configuration validation to ensure that sensitive fields are correctly populated and not left as placeholder values from the example template.
Audit Metadata