Skills
skills/redfox-data/redfox-community/wechat-cover/Gen Agent Trust Hub

wechat-cover

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor domain redfox.hk to retrieve WeChat article metadata (titles, summaries, and image URLs). This is the intended primary function of the skill.
  • [COMMAND_EXECUTION]: The skill executes a local script scripts/fetch_explosive_covers.py using the Python interpreter. This script handles the API communication and data formatting as described in the documentation.
  • [CREDENTIALS_UNSAFE]: The skill utilizes an API key REDFOX_API_KEY. The documentation correctly instructs users to manage this credential via environment variables or configuration files, avoiding hardcoding risks.
  • [DATA_EXFILTRATION]: While the skill accesses external data, it does not demonstrate any behavior suggesting the exfiltration of sensitive local system information (such as SSH keys or AWS credentials) to unauthorized domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:50 PM
Security Audit — agent-trust-hub — wechat-cover