Skills
skills/daymade/claude-code-skills/wechat-article-scraper/Gen Agent Trust Hub

wechat-article-scraper

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements thorough HTML sanitization in scripts/export.py using a dedicated _sanitize_html function that strips dangerous tags (like <script>, <iframe>), event handlers, and malicious protocols (javascript:, data:) from processed article content.
  • [SAFE]: Image downloading logic in scripts/images.py includes strict path validation (_validate_safe_path) and filename sanitization to prevent path traversal attacks when saving files to the local system.
  • [SAFE]: Subprocess calls in scripts/router.py are used appropriately for checking environment dependencies and executing local helper scripts with validated inputs.
  • [SAFE]: The skill performs network requests to legitimate external services (WeChat, Sogou, Jina AI, Miku AI) as documented and required for its core scraping and searching functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 01:14 AM
Security Audit — agent-trust-hub — wechat-article-scraper