wecom-smartsheet
Warn
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The
webhook-fallback.mdreference file instructs the agent to use system-level tools such ascurl, Node.jsfetch, or Pythonrequeststo perform network operations. This requires the agent to generate and execute shell commands or script snippets at runtime to send data to external endpoints. - [DATA_EXFILTRATION]: The skill's fallback procedure involves soliciting a Webhook URL from the user and transmitting data to it. This mechanism can be used to exfiltrate data, including Base64-encoded file content, if an attacker provides a URL they control and tricks the agent into including sensitive information in the payload.
- [DATA_EXFILTRATION]: The skill enables the agent to access the local file system by accepting file paths (e.g.,
image_path,file_path) for uploading attachments. This grants the agent the ability to read local files, which could be exploited to target sensitive system or configuration files. - [PROMPT_INJECTION]: Indirect injection surface detected. Ingestion points:
smartsheet_get_records(SKILL.md). Boundary markers: Absent. Capability inventory:wecom_mcptool calls, subprocess execution viacurl,python, andnode(webhook-fallback.md). Sanitization: Absent.
Audit Metadata