Skills
skills/redfox-data/redfox-community/wechat-top-account/Gen Agent Trust Hub

wechat-top-account

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches WeChat ranking data from the author's official API domain at redfox.hk. Additionally, the HTML report generator references legitimate JavaScript libraries (html2canvas and jspdf) from the Cloudflare CDNJS repository to support client-side image and PDF exports.
  • [COMMAND_EXECUTION]: The agent is instructed to execute local Python scripts (gzh_growth_fetcher.py and gen_gzh_html.py) to process ranking data and generate visualization reports. These scripts are part of the skill package and perform the documented tasks.
  • [DATA_EXPOSURE]: The scripts include a credential lookup mechanism that searches for the REDFOX_API_KEY in standard shell configuration files such as .zshrc, .bashrc, and PowerShell profiles. This is used as a fallback for environment variable authentication and is localized to the vendor's own API key.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:50 PM
Security Audit — agent-trust-hub — wechat-top-account