lovstudio-anti-wechat-ai-check
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data that is then used to influence the agent's output.
  - Ingestion points: User-provided text or files are ingested in SKILL.md (Step 1).
  - Boundary markers: The instructions lack delimiters or specific warnings to ignore instructions that might be embedded in the user's article.
  - Capability inventory: The agent performs shell execution of the analysis script and subsequently performs complex rewriting (humanization) of the untrusted content.
  - Sanitization: There is no evidence of sanitization or escaping of the input text before it is returned to the agent's context for humanization.
- [COMMAND_EXECUTION]: The skill executes a local Python script to perform its core analysis tasks.
  - Evidence: SKILL.md contains mandatory steps to run python skills/lovstudio-anti-wechat-ai-check/scripts/analyze.py.
  - Context: The execution is restricted to a local script provided with the skill that only uses Python standard libraries (re, argparse, json, collections) and performs no network or sensitive file operations.
Audit Metadata