mac-wechat-dual-open

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/wechat_dual_open.py executes several macOS system utilities via the subprocess module to manage the application life cycle and appearance. Evidence includes calls to:
      • codesign: Used to re-sign the modified application bundle.
      • xattr: Used to remove extended attributes that could interfere with code signing.
      • lsregister: Used to register the new application bundle with macOS Launch Services.
      • qlmanage and killall: Used to refresh icon and QuickLook caches.
      • defaults: Used to set language preferences for the new bundle ID.
      • iconutil, sips, DeRez, Rez, and SetFile: Used for icon extraction, recoloring, and setting Finder custom icons.
  • [SAFE]: The skill does not perform any network operations or data exfiltration. All actions are performed locally on the user's machine.
  • [SAFE]: The skill avoids privilege escalation by targeting the user's home directory (~/Applications) for the second app instance, rather than the system-wide /Applications folder, thereby avoiding the need for sudo or administrative permissions.
  • [SAFE]: No obfuscation, prompt injection, or malicious persistence mechanisms were identified in the instructions or the source code.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 10:48 AM