Skills
skills/aiworkskills/wechat-article-skills/aws-wechat-sticker/Gen Agent Trust Hub

aws-wechat-sticker

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local Python scripts to handle specialized tasks. It executes image_create.py (from the sibling aws-wechat-article-images skill) to generate images and publish.py (from aws-wechat-article-publish) to upload content to WeChat.
  • [CREDENTIALS_UNSAFE]: Accesses the aws.env file to retrieve sensitive credentials, including IMAGE_MODEL_API_KEY, WECHAT_1_APPID, and WECHAT_1_APPSECRET. This is standard practice for the skill's automation workflow.
  • [DATA_EXFILTRATION]: Transmits the IMAGE_MODEL_API_KEY to the endpoint specified in the user's configuration and uploads generated image files to the official WeChat API. These network operations are core to the skill's functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external data to build prompts for image generation.
  • Ingestion points: Reads metadata and instructions from article.yaml, topic-card.md, and user-provided theme descriptions.
  • Boundary markers: None identified in the prompt construction logic.
  • Capability inventory: Shell execution (python3), network requests (image and WeChat APIs), and filesystem writes (imgs/ directory).
  • Sanitization: No specific sanitization or filtering of input data is mentioned before it is used in prompt construction.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 05:41 AM