wx-cli-wechat-local-data

Fail

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: HIGH
Flags: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation instructions pipe a script fetched over the network straight into a shell (curl | bash, irm | iex). Whatever the server returns at install time is executed unread, with no integrity check and with the full privileges of the invoking shell, so a compromised repository, account or mirror yields arbitrary code execution on the host.
  • Evidence: curl -fsSL https://raw.githubusercontent.com/jackwener/wx-cli/main/install.sh | bash in SKILL.md.
  • Evidence: irm https://raw.githubusercontent.com/jackwener/wx-cli/main/install.ps1 | iex in SKILL.md.
  • [COMMAND_EXECUTION]: The skill instructs the user or agent to perform high-risk system operations that require elevated privileges and weaken operating-system security controls.
  • Evidence: Commands requiring sudo or Administrator access, such as sudo wx init.
  • Evidence: Instructions to re-sign the WeChat application with codesign so that its memory can be scanned. Replacing the vendor's signature invalidates it and removes the protections (hardened runtime, entitlement checks) that normally prevent other processes from reading the app's memory.
  • Evidence: Instructions to reset macOS TCC (Transparency, Consent, and Control) privacy database entries with tccutil for multiple sensors and folders. Resetting these entries discards the user's existing consent decisions and forces fresh permission prompts.
  • [DATA_EXFILTRATION]: The core functionality extracts highly sensitive personal information, including chat history, contact lists, and database encryption keys, from the running WeChat process's memory and its local databases.
  • Evidence: "Scans WeChat's memory to extract database encryption keys" in SKILL.md.
  • Evidence: Capability to query and export messages, contacts, groups, and favorites.
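To make the findings above reproducible, here is a small scanner, written for this page as an added example (it is not the Trust Hub's ruleset and not part of wx-cli), that reads a SKILL.md and emits one finding per line and category using the same categories the audit reports. The two install commands and the sentence "Scans WeChat's memory to extract database encryption keys" in the sample are quoted from the evidence; the codesign, tccutil and wx messages lines are constructed stand-ins, and the risk-level thresholds are an assumption.

```python
import re
from collections import Counter
from typing import List, NamedTuple, Pattern, Tuple


class Finding(NamedTuple):
    category: str
    line_no: int
    text: str


# One regex per evidence type the audit reports. Illustrative rules written for
# this example; they are not the Trust Hub's actual detection logic.
RULES: List[Tuple[str, Pattern[str]]] = [
    # fetch-and-pipe into a POSIX shell: curl ... | bash, wget -qO- ... | sudo sh
    ("REMOTE_CODE_EXECUTION",
     re.compile(r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b")),
    # PowerShell equivalent: irm/iwr ... | iex
    ("REMOTE_CODE_EXECUTION",
     re.compile(r"\b(?:irm|iwr|Invoke-RestMethod|Invoke-WebRequest)\b[^|\n]*"
                r"\|\s*(?:iex|Invoke-Expression)\b", re.IGNORECASE)),
    # privileged commands and changes to macOS security controls
    ("COMMAND_EXECUTION", re.compile(r"\bsudo\s+\S+")),
    ("COMMAND_EXECUTION", re.compile(r"\bcodesign\b")),
    ("COMMAND_EXECUTION", re.compile(r"\btccutil\s+reset\b")),
    # prose describing extraction of keys from another process or its database
    ("DATA_EXFILTRATION",
     re.compile(r"\b(?:memory|database)\b.*\b(?:encryption\s+)?keys?\b", re.IGNORECASE)),
]


def scan_skill(text: str) -> List[Finding]:
    """Return one Finding per (line, category); a line may hit several categories."""
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        seen = set()
        for category, rx in RULES:
            if category not in seen and rx.search(line):
                findings.append(Finding(category, line_no, line.strip()))
                seen.add(category)
    return findings


def summarize(findings: List[Finding]) -> Counter:
    """Count findings per category."""
    return Counter(f.category for f in findings)


def risk_level(findings: List[Finding]) -> str:
    """Assumed rating policy: remote execution or exfiltration is HIGH on its own."""
    cats = {f.category for f in findings}
    if "REMOTE_CODE_EXECUTION" in cats or "DATA_EXFILTRATION" in cats:
        return "HIGH"
    if "COMMAND_EXECUTION" in cats:
        return "MEDIUM"
    return "LOW"


# Constructed stand-in for the skill's SKILL.md (see the lead-in for which lines are
# quoted from the audit evidence and which are made up for this example).
SAMPLE_SKILL_MD = """\
# wx-cli
## Install
curl -fsSL https://raw.githubusercontent.com/jackwener/wx-cli/main/install.sh | bash
irm https://raw.githubusercontent.com/jackwener/wx-cli/main/install.ps1 | iex
## Setup
sudo wx init
codesign --force --sign - /Applications/WeChat.app
tccutil reset Camera; tccutil reset Microphone
## How it works
Scans WeChat's memory to extract database encryption keys
wx messages --limit 10
"""


if __name__ == "__main__":
    found = scan_skill(SAMPLE_SKILL_MD)
    for f in found:
        print(f"L{f.line_no:<3} [{f.category}] {f.text}")
    print("summary:", dict(summarize(found)))
    print("risk level:", risk_level(found))
```

The scanner reports at most one finding per category per line, so a line such as `curl ... | sudo bash` counts once as remote code execution and once as a privileged command rather than twice for the same category.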
Recommendations
  • HIGH: Downloads and executes remote code from https://raw.githubusercontent.com/jackwener/wx-cli/main/install.sh (and, on Windows, install.ps1 from the same path) - DO NOT USE without thorough review of the fetched script.
  • AI detected serious security threats
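What "thorough review" looks like in practice, as an added example that is not part of the skill or the audit: fetch the installer to disk without executing it, reject anything that is not a shell script (a 404 page or redirect body is what a pipe-to-bash would otherwise run), compare its SHA-256 against a digest you pinned after reading the script, and only then mark it executable for a manual run. PINNED_SHA256 is a placeholder, not a real digest of install.sh; SAMPLE_SCRIPT is a constructed script used to exercise the checks offline.

```python
import hashlib
import hmac
import stat
import tempfile
import urllib.request
from pathlib import Path
from typing import Optional

INSTALL_URL = "https://raw.githubusercontent.com/jackwener/wx-cli/main/install.sh"
# Placeholder: replace with the digest you computed after reading the script.
# The audit page publishes no digest, so this is NOT a real hash of install.sh.
PINNED_SHA256 = "0" * 64

# Constructed sample installer for offline testing (not the real install.sh).
SAMPLE_SCRIPT = b"#!/bin/sh\nset -e\necho 'installing wx-cli (sample)'\n"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def looks_like_shell_script(data: bytes) -> bool:
    """True only for a shebang-led file with no HTML in its head."""
    return data.startswith(b"#!") and b"<html" not in data[:512].lower()


def check_installer(data: bytes, pinned_sha256: str) -> str:
    """Return 'ok', 'not-a-script' or 'hash-mismatch'; never executes anything."""
    if not looks_like_shell_script(data):
        return "not-a-script"
    if not hmac.compare_digest(sha256_hex(data), pinned_sha256.lower()):
        return "hash-mismatch"
    return "ok"


def stage_installer(data: bytes, pinned_sha256: str,
                    dest_dir: Optional[Path] = None) -> Path:
    """Write the verified script to dest_dir (a fresh temp dir by default) and make it
    executable by its owner. Raises ValueError if any check fails."""
    verdict = check_installer(data, pinned_sha256)
    if verdict != "ok":
        raise ValueError(f"refusing to stage installer: {verdict} "
                         f"(sha256 {sha256_hex(data)})")
    if dest_dir is None:
        dest_dir = Path(tempfile.mkdtemp(prefix="wx-install-"))
    dest = dest_dir / "install.sh"
    dest.write_bytes(data)
    dest.chmod(dest.stat().st_mode | stat.S_IXUSR)
    return dest


def fetch(url: str, timeout: float = 30.0) -> bytes:
    """Download the installer into memory; nothing here runs it."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read()


if __name__ == "__main__":
    data = fetch(INSTALL_URL)
    print("fetched", len(data), "bytes, sha256", sha256_hex(data))
    # First run: read the script, then put the printed digest into PINNED_SHA256.
    print("verdict:", check_installer(data, PINNED_SHA256))
    if check_installer(data, PINNED_SHA256) == "ok":
        print("staged at", stage_installer(data, PINNED_SHA256), "- run it manually")
```

Pinning a digest does not make the script safe; it only guarantees that what you run is the bytes you reviewed. The review itself still has to cover what the installer does (here: sudo, codesign and tccutil steps that the audit flags).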
Audit Metadata
Risk Level
HIGH
Analyzed
May 16, 2026, 04:24 PM