wecomcli-doc
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The `smartpage_create` tool includes a `page_filepath` parameter used to read local file content and upload it to the WeCom cloud service (doc.weixin.qq.com). While intended for publishing local content, this capability creates a surface for exfiltrating sensitive local data if the agent is manipulated into accessing paths like SSH keys or configuration files.
  - Ingestion points: The `page_filepath` parameter in the `smartpage_create` tool, defined in `SKILL.md` and `references/smartpage-create.md`.
  - Boundary markers: Absent; there are no instructions or delimiters to prevent the agent from obeying a request to read sensitive system files.
  - Capability inventory: The `wecom-cli` tool performs network operations to upload the content of specified local files to the vendor's infrastructure.
  - Sanitization: Absent; the skill lacks any file path validation or directory restrictions for the local file system.
- [COMMAND_EXECUTION]: The skill relies on the execution of the `wecom-cli` binary for all document management operations.
  - Evidence: The YAML frontmatter in `SKILL.md` specifies `wecom-cli` as a required binary, and all tool documentation describes actions performed through this command-line interface.