Skills
skills/zhenxuanshi-ship-it/meatpiegua_skills/md-to-zhihu/Gen Agent Trust Hub

md-to-zhihu

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/publish.py executes system browser binaries (Chrome or Edge) using subprocess.Popen with the --remote-debugging-port flag to enable automated interactions.
  • [CREDENTIALS_UNSAFE]: Authentication cookies are captured during the login process and stored in a local .zhihu_cookies.json file. A persistent browser profile is also created in the .zhihu_browser_profile directory.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of Playwright and its associated browser binaries from external repositories to function.
  • [DATA_EXFILTRATION]: Local article content and authentication metadata are transmitted to Zhihu's official API endpoints and web services during the publishing workflow.
  • [PROMPT_INJECTION]: The skill processes user-supplied Markdown files without sanitization, creating an indirect prompt injection surface. \n
  • Ingestion points: Markdown files read by convert.py and publish.py. \n
  • Boundary markers: None identified; content is processed without delimiters. \n
  • Capability inventory: Local command execution, file system access, and network communication with Zhihu APIs. \n
  • Sanitization: No validation or cleaning is performed on input Markdown before it is converted to HTML and submitted to the target platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 03:26 AM