wecomcli-sheet
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
wecom-clisystem binary to perform sheet management tasks. It executes shell commands with JSON parameters to read, write, and delete data within the WeCom ecosystem. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external WeCom sheets which could contain malicious instructions.
- Ingestion points: The
get_doc_contentcommand inSKILL.mdretrieves the full content of online sheets in Markdown format. - Boundary markers: The instructions do not implement delimiters or warnings to treat the retrieved content as untrusted data.
- Capability inventory: The skill possesses the ability to modify sheet data (
sheet_update_range_data), delete sub-sheets (sheet_delete_sub), and coordinate with other skills likewecomcli-msgto send messages. - Sanitization: No sanitization or validation logic is defined for the content retrieved from the sheets before the agent interprets it.
Audit Metadata