wecomcli-sheet

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the wecom-cli system binary to perform sheet management tasks. It executes shell commands with JSON parameters to read, write, and delete data within the WeCom ecosystem.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external WeCom sheets, which could contain malicious instructions.
    • Ingestion points: The get_doc_content command in SKILL.md retrieves the full content of online sheets in Markdown format.
    • Boundary markers: The instructions do not implement delimiters or warnings to treat the retrieved content as untrusted data.
    • Capability inventory: The skill possesses the ability to modify sheet data (sheet_update_range_data), delete sub-sheets (sheet_delete_sub), and coordinate with other skills like wecomcli-msg to send messages.
    • Sanitization: No sanitization or validation logic is defined for the content retrieved from the sheets before the agent interprets it.
Audit Metadata
Risk Level: SAFE
Analyzed: Jul 2, 2026, 06:52 AM