wecom-meeting-query

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes meeting titles and descriptions from an external system. If an attacker sets a malicious meeting title, the agent might execute embedded instructions when summarizing the meeting list.
      • Ingestion points: Data is ingested from the get_meeting_info tool output, specifically the title and description fields in SKILL.md.
      • Boundary markers: The instructions do not define boundary markers (like XML tags or specific delimiters) to separate meeting content from system instructions.
      • Capability inventory: The skill uses the wecom_mcp tool for API interaction and command execution.
      • Sanitization: No sanitization or verification logic is present to filter executable instructions within the meeting metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 10:15 AM