wechat-article-fetcher
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script downloads article content and image resources from official WeChat domains (`mp.weixin.qq.com`) and associated content delivery networks. This is the primary function of the skill and uses standard HTTP GET requests via the `axios` library.
- [PROMPT_INJECTION]: The skill processes untrusted third-party content from the web, creating a potential surface for indirect prompt injection. If a fetched article contains instructions designed to manipulate an AI agent, those instructions will be included in the generated Markdown output.
  - Ingestion points: The `scripts/fetch.js` file fetches arbitrary HTML content from user-provided WeChat URLs.
  - Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions in the generated output to isolate the untrusted content from the rest of the agent's context.
  - Capability inventory: The skill has file system write access (`fs.writeFileSync`) and network read access (`axios.get`).
  - Sanitization: The script performs basic sanitization of filenames to ensure compatibility and escapes colons in metadata to maintain YAML structure.