wecom-smartsheet

Warn

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The webhook-fallback.md reference file instructs the agent to use system-level tools such as curl, Node.js fetch, or Python requests to perform network operations. This requires the agent to generate and execute shell commands or script snippets at runtime to send data to external endpoints.
  • [DATA_EXFILTRATION]: The skill's fallback procedure involves soliciting a Webhook URL from the user and transmitting data to it. This mechanism can be used to exfiltrate data, including Base64-encoded file content, if an attacker provides a URL they control and tricks the agent into including sensitive information in the payload.
  • [DATA_EXFILTRATION]: The skill enables the agent to access the local file system by accepting file paths (e.g., image_path, file_path) for uploading attachments. This grants the agent the ability to read local files, which could be exploited to target sensitive system or configuration files.
  • [PROMPT_INJECTION]: Indirect injection surface detected. Ingestion points: smartsheet_get_records (SKILL.md). Boundary markers: Absent. Capability inventory: wecom_mcp tool calls, subprocess execution via curl, python, and node (webhook-fallback.md). Sanitization: Absent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 27, 2026, 01:06 PM