wechat-article-writer
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest data from untrusted external sources, including social media platforms (X/Twitter, Reddit) and technical forums, as well as the user-defined
AGENTS.mdfile. This creates a surface for indirect prompt injection if the source content contains malicious instructions intended to manipulate the agent's output. - Ingestion points: Content retrieved via the Search tool from X/Twitter, Reddit, and forums; the
AGENTS.mdlocal file. - Boundary markers: None specified; the skill does not use delimiters to wrap external content or instructions to ignore embedded commands.
- Capability inventory: The skill is limited to content generation (writing articles, titles, and layout suggestions). It does not have access to sensitive file-writing tools, network exfiltration commands, or subprocess execution.
- Sanitization: No sanitization or validation logic is present to filter out potentially malicious strings from the retrieved data.
- [SAFE]: The skill's behavior is consistent with its stated purpose of automating content creation. No obfuscation, hardcoded credentials, or unauthorized remote code execution patterns were detected.
Audit Metadata