wechat-article-fetcher
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of Chromium browser binaries using the Playwright framework, an official tool provided by Microsoft.\n- [COMMAND_EXECUTION]: Installation requires running the
playwright install chromiumcommand, which executes a setup script to install the necessary browser environment.\n- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) due to its data-fetching capabilities.\n - Ingestion points: Untrusted content is ingested from external WeChat URLs in
wechat_fetcher.py.\n - Boundary markers: The skill does not implement delimiters or 'ignore' instructions to isolate fetched content from agent instructions.\n
- Capability inventory: The script allows writing the fetched content to local files through the
output_pathargument.\n - Sanitization: The extracted text is not sanitized or filtered, meaning any malicious instructions within an article could be passed directly to the agent.
Audit Metadata