wechat-daily

Fail

Audited by Snyk on Apr 28, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). High-risk dual-use tooling: the code deliberately bypasses app protections (ad-hoc codesign), uses frida to hook CCKeyDerivationPBKDF to capture SQLCipher-derived keys, persists those keys locally, and decrypts WeChat databases/messages—functionality that clearly enables credential theft and unauthorized extraction of private messages (no outbound exfiltration to remote servers is present in the code).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The scripts call pip at runtime to install and import frida/frida-tools (run_cmd([... "pip", "install", "frida", "frida-tools"])), which fetches and executes remote code from PyPI (e.g. https://pypi.org/project/frida) and is required for the runtime key-extraction behavior that injects JS into the WeChat process.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs copying and re-signing the WeChat app, installing and using frida to hook CCKeyDerivationPBKDF to extract encrypted DB keys (bypassing app protections), and writing configs/scripts to the host; these actions modify system state and circumvent security mechanisms.

Issues (3)

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

MEDIUM W013: Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 28, 2026, 11:13 AM
Issues: 3