lovstudio-anti-wechat-ai-check
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run a local Python script (analyze.py) to process text. This script only uses standard libraries and performs safe string analysis and regex matching.
- [DATA_EXPOSURE]: The skill reads user-provided files or text to perform its analysis. This is its intended primary function and does not involve unauthorized access or network exfiltration.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted user text and then instructs the agent to "humanize" or rewrite that text.
  - Ingestion points: The article text is read from a file or provided as input to the analyze.py script and the agent's context in SKILL.md (Step 1).
  - Boundary markers: No explicit delimiters are specified when the agent is asked to rewrite the text in Step 5.
  - Capability inventory: The skill can read local files and execute the provided analysis script.
  - Sanitization: The analyze.py script treats the input as raw data for regex matching, but the agent's humanization step relies on LLM interpretation of the potentially untrusted text.
Audit Metadata