skills/stvlynn/qclaw-skills/wecom-msg/Gen Agent Trust Hub

wecom-msg

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection, as it ingests and processes external message content, which could contain instructions intended to manipulate the agent's behavior.
    • Ingestion points: Untrusted data enters the agent's context through the get_messages and get_msg_chat_list tool calls, as described in SKILL.md.
    • Boundary markers: The prompt does not specify any delimiters or safety instructions to distinguish chat data from system instructions.
    • Capability inventory: The skill includes the send_message tool, providing a capability that could be targeted by an injection attack.
    • Sanitization: While no automated sanitization is implemented, the defined workflow requires manual user confirmation before the send_message tool is invoked, providing a significant safeguard.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 04:45 PM