wechat-search
Warn
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of an external Python package named
miku_aiusingpip install miku_ai --break-system-packages. This package is not provided by a recognized trusted vendor, and its security posture is unverified. - [COMMAND_EXECUTION]: The skill provides a Python script designed to be executed via
python3 -c. This script imports themiku_ailibrary and performs network operations to interact with WeChat's search interface. - [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes untrusted data from the internet in the form of WeChat article titles and digests.
- Ingestion points: Data returned by the
get_wexin_articlefunction (SKILL.md). - Boundary markers: No specific delimiters or "ignore instructions" warnings are present in the provided logic to separate article content from agent instructions.
- Capability inventory: The skill environment has capabilities for shell command execution (
python3 -c) and package installation (pip). - Sanitization: There is no evidence of sanitization, filtering, or escaping of the external article content before it is processed by the agent or presented to the user.
Audit Metadata