agency-agents-zh-skill

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The README instructs cloning and running code from the external repository https://github.com/jnMetaCode/agency-agents-zh.git (git clone ... then ./scripts/install.sh), which fetches remote agent role files and executes install scripts so the fetched content directly controls agent prompts/instructions and is required for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). Yes. The skill includes explicit payment integration examples and credentials for payment platforms. In particular, the "微信小程序开发者" agent lists "微信支付集成" and shows concrete code calling wx.requestPayment (via a createOrder cloud function returning payment payload). Environment variables include WECHAT_APP_ID and WECHAT_APP_SECRET. This is a specific payment gateway integration (WeChat Pay) capable of initiating real transactions, which meets the "Direct Financial Execution" criteria.