wechatpay-payment-integration
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 该 Skill 的运行时会执行
scripts/wechatpay-docs-sync.py update从远程 URLhttps://wx.gtimg.com/resource/wechatpay_api/wechatpay-docs.zip下载并解压 Markdown 文档到本地assets/微信支付官网文档/,随后在“文档检索与问答”中Read这些文档作为 LLM 上下文输入;该远程压缩包属于非操作用户/组织作者的外部来源。
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's mandatory preload runs scripts/wechatpay-docs-sync.py which at runtime downloads and extracts the remote documentation from https://wx.gtimg.com/resource/wechatpay_api/wechatpay-docs.zip, and those fetched docs are required and used as the knowledge base that directly control the agent's prompts/responses.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). 该 Skill 专门针对微信支付(支付网关)接入与运维,明确提供与微信支付 API(包括 APIv3)的示例代码、接口文档链接、接入质量评估及“APIv3 接口动态排障(查询支付单、退款单,协助排查查单失败)”等功能。它是专门为金融支付操作设计的技能,会定位和输出与支付/退款相关的接口与示例,属于直接针对支付网关的集成工具,因此具备对财务交易接口的直接执行/调用能力风险。
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata