create-ex
Fail
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The script tools/wechat_decryptor.py executes system commands to interact with running processes. It uses lldb on macOS to attach to the WeChat process for memory extraction, which is an intrusive operation.
- [DATA_EXFILTRATION]: The skill is designed to access and parse highly sensitive private databases. It targets ~/Library/Messages/chat.db (iMessage) and WeChat message databases, representing a significant exposure of private communication data.
- [REMOTE_CODE_EXECUTION]: In tools/wechat_decryptor.py, the skill dynamically generates and executes Python code via subprocess.run to perform memory scraping. This involves constructing code at runtime and executing it in a sub-process.
Recommendations
- AI detected serious security threats
Audit Metadata