Skills
skills/hanzhcn/laohan-skills/laohan-xiazai/Gen Agent Trust Hub

laohan-xiazai

Fail

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to download binary executables (DMG and EXE files) from a non-official GitHub repository (hanzhcn/laohan-skills).\n- [COMMAND_EXECUTION]: The skill requires several privileged system operations to function:\n
  • It uses sudo (Mac) and certutil (Windows) to install a Root CA certificate (SunnyRoot.cer) into the system's root trust store. This allows the software to decrypt and intercept any HTTPS traffic on the machine.\n
  • It sets up a local MITM proxy to intercept WeChat network traffic and inject content into the application.\n
  • It uses launchctl to start and manage system services on macOS.\n- [REMOTE_CODE_EXECUTION]: The skill recommends executing global software updates using npm update -g @jackwener/opencli and npx skills update, which downloads and runs unverified code from the internet at runtime.\n- [COMMAND_EXECUTION]: The skill uses a custom wrapper script located at ~/.local/bin/视频号下载 that executes commands with elevated privileges (sudo).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 14, 2026, 04:55 PM
Security Audit — agent-trust-hub — laohan-xiazai