wechat-daily-report

Fail

Audited by Snyk on Jun 24, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). These are GitHub repositories (not simple CDN downloads) that clone/run a third‑party wechat‑decrypt tool, compile and execute native code, install dependencies and access local WeChat databases — legitimate on GitHub but risky if the authors/repositories are not trusted because the workflow executes code with elevated/local-data access and could be used to distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). Step 5/6 ingests simplified_chat*.txt and stats.json generated from decrypted WeChat message content (outsider-authored group chat text) into the agent’s LLM context for ai_content.json generation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.95). High-confidence: setup_check.py, which the SKILL instructs to run with --ensure-decryptor, will git-clone the remote repository https://github.com/ylytdeng/wechat-decrypt at runtime and the project later executes that vendor code (via decrypt_wechat.py calling main.py / compiled scanner), meaning fetched remote code is required and executed.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 24, 2026, 07:37 AM
Issues
3
Security Audit — snyk — wechat-daily-report