wecomcli-doc

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Finding categories: DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The smartpage_create tool includes a page_filepath parameter used to read local file content and upload it to the WeCom cloud service (doc.weixin.qq.com). While intended for publishing local content, this capability creates a surface for exfiltrating sensitive local data if the agent is manipulated into accessing paths like SSH keys or configuration files.
      • Ingestion points: The page_filepath parameter in the smartpage_create tool, defined in SKILL.md and references/smartpage-create.md.
      • Boundary markers: Absent; there are no instructions or delimiters to prevent the agent from obeying a request to read sensitive system files.
      • Capability inventory: The wecom-cli tool performs network operations to upload the content of specified local files to the vendor's infrastructure.
      • Sanitization: Absent; the skill lacks any file path validation or directory restrictions for the local file system.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the wecom-cli binary for all document management operations.
      • Evidence: The YAML frontmatter in SKILL.md specifies wecom-cli as a required binary, and all tool documentation describes actions performed through this command-line interface.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 07:10 AM
Security Audit — agent-trust-hub — wecomcli-doc