Auto-Redbook
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): The skill uses Playwright to automate browser login and captures full session cookies (including 'web_session' and 'a1'), which are stored in a local .env file. These credentials allow complete account access and are sensitive data points.
- EXTERNAL_DOWNLOADS (MEDIUM): Multiple batch files (test_environment.bat, start_publish_fixed.bat) perform runtime installations of Python packages via 'pip install'. This practice introduces risks from potentially untrusted third-party dependencies.
- REMOTE_CODE_EXECUTION (MEDIUM): The rendering engine (render_xhs.py) processes user-provided Markdown into HTML for rendering in Playwright. Without visible sanitization of the input Markdown, this creates a potential vector for script injection within the automated browser context.
- COMMAND_EXECUTION (LOW): The project relies on batch files to execute Python scripts using specific hardcoded paths (e.g., C:\Python314\python.exe).
Audit Metadata