wecom-doc-manager

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it retrieves and processes content from external WeCom documents and exported files.
  • Ingestion points: Untrusted data enters the agent context through document content fetched via get_doc_content (references/api-export-document.md) and local files specified by content_filepath in smartpage_get_export_result (references/api-smartpage-get-export-result.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill instructions.
  • Capability inventory: The agent can perform document creation, content overwriting via edit_doc_content, and local file reading/writing through the wecom_mcp tool.
  • Sanitization: No evidence of sanitization, validation, or escaping of the retrieved content is provided. This finding is categorized as a risk surface inherent to document processing tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 10:46 AM