weread
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates exclusively with the official WeRead API gateway at
i.weread.qq.com, which is a service domain operated by a well-known technology provider. - [SAFE]: Credential handling is implemented securely by utilizing an environment variable (
$WEREAD_API_KEY) for authentication instead of hardcoding sensitive tokens within the skill files. - [SAFE]: The skill includes a robust versioning and update protocol that allows the agent to receive and act upon maintenance or upgrade instructions from the official service provider, ensuring long-term stability and security.
- [SAFE]: No patterns of malicious activity such as prompt injection, unauthorized data exfiltration, or suspicious code obfuscation were found across the skill's instructions and documentation.
- [SAFE]: The skill's operations are confined to its stated purpose of book and reading data management, with no evidence of attempts to escalate privileges or establish persistence on the host system.
Audit Metadata