wechat-article-fetcher
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script fetches article content and images from WeChat's official domains (
mp.weixin.qq.com,mmbiz.qpic.cn). These are well-known services and the behavior is essential to the skill's primary purpose. - [COMMAND_EXECUTION]: No evidence of arbitrary command execution. The script uses standard libraries for its operations and does not invoke shell commands with untrusted input.
- [DATA_EXFILTRATION]: No sensitive local data is accessed or transmitted. The network activity is limited to fetching the requested article content.
- [PROMPT_INJECTION]: The skill processes external HTML content, which presents a surface for indirect prompt injection. However, the risk is localized as the script does not use high-privilege capabilities (like
evalorsubprocess) to process this data. - Ingestion points:
scripts/fetch_wechat_article.pyfetches external HTML content via therequestslibrary. - Boundary markers: No specific boundary markers are used when presenting the content to the agent context.
- Capability inventory: The skill is capable of performing local file system writes (
Path.mkdir,Path.write_text,Path.write_bytes) and network GET requests. - Sanitization: The
safe_filenamefunction uses regular expressions to strip dangerous characters (e.g.,\ / : * ? " < > |) from article titles and account names before using them in file paths, mitigating directory traversal risks.
Audit Metadata