wecom-smartsheet-data
Warn
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, CREDENTIALS_UNSAFE)
Full Analysis
- [COMMAND_EXECUTION]: The fallback instructions in references/webhook-fallback.md direct the agent to use shell commands such as curl to transmit data to external APIs.
- [DATA_EXFILTRATION]: The skill facilitates sending sensitive smartsheet data to external URLs provided by the user during the conversation. While intended for official WeCom Webhooks, this mechanism could be misused to exfiltrate data to attacker-controlled servers.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from smartsheets via smartsheet_get_records and has capabilities for network and command execution.
  - Ingestion point: references/api-get-records.md.
  - Boundary markers: Absent.
  - Capability inventory: curl, fetch, and requests calls identified in references/webhook-fallback.md.
  - Sanitization: Absent.
- [CREDENTIALS_UNSAFE]: The workflow involves the user providing a Webhook URL that contains a secret key in the query string, exposing sensitive credentials to the agent session.
Audit Metadata