wechat-article-archive

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several internal Python scripts (e.g., collect_articles.py, discover_account_articles.py) to manage the archiving process. These scripts are executed locally to fetch, parse, and package content.
  • [EXTERNAL_DOWNLOADS]: Network operations are strictly limited to official WeChat domains (mp.weixin.qq.com, mmbiz.qpic.cn, etc.) for retrieving article text and images. The skill enforces a 20MB limit on individual image downloads and validates content types.
  • [CREDENTIALS_UNSAFE]: Local session management is handled securely. Tokens required for accessing article lists are stored in ~/.cache/wechat-article-archive/session.json with restrictive file permissions (0o600), ensuring only the current user can access them.
  • [SAFE]: The skill includes a dedicated validation utility (validate_archive.py) that performs security checks on the generated archive, including verification of canonical paths to prevent directory traversal (..) and checks for forbidden file types or symbolic links.
  • [DATA_EXFILTRATION]: Analysis of network traffic patterns shows no evidence of unauthorized data transmission to third-party servers. All external requests are necessary for the primary function of archiving content from requested WeChat URLs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 08:46 AM
Security Audit — agent-trust-hub — wechat-article-archive