wechatpay-payment-integration

Warn

Audited by Snyk on Jul 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 该 Skill 的运行时会执行 scripts/wechatpay-docs-sync.py update 从远程 URL https://wx.gtimg.com/resource/wechatpay_api/wechatpay-docs.zip 下载并解压 Markdown 文档到本地 assets/微信支付官网文档/,随后在“文档检索与问答”中 Read 这些文档作为 LLM 上下文输入;该远程压缩包属于非操作用户/组织作者的外部来源。

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's mandatory preload runs scripts/wechatpay-docs-sync.py which at runtime downloads and extracts the remote documentation from https://wx.gtimg.com/resource/wechatpay_api/wechatpay-docs.zip, and those fetched docs are required and used as the knowledge base that directly control the agent's prompts/responses.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). 该 Skill 专门针对微信支付(支付网关)接入与运维,明确提供与微信支付 API(包括 APIv3)的示例代码、接口文档链接、接入质量评估及“APIv3 接口动态排障(查询支付单、退款单,协助排查查单失败)”等功能。它是专门为金融支付操作设计的技能,会定位和输出与支付/退款相关的接口与示例,属于直接针对支付网关的集成工具,因此具备对财务交易接口的直接执行/调用能力风险。

Issues (3)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 6, 2026, 07:25 AM
Issues
3
Security Audit — snyk — wechatpay-payment-integration