wechat-article-downloader

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The skill contains an explicit credential-capture flow (generating a link the user must open in the WeChat desktop client that the tool "automatically captures" credentials) and uses an external fallback MCP endpoint (https://changfengbox.top) for operations, indicating intentional credential theft and potential exfiltration to an untrusted remote server.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public WeChat articles (mp.weixin.qq.com) and collection URLs via the local MCP or the remote fallback at https://changfengbox.top/api/mcp as part of its required workflows (see "Single Article Download" and "Download Collection"), so it consumes untrusted third‑party content that can influence subsequent tool calls and actions.