Skills
skills/whinc/super-skills/miniprogram-automation/Gen Agent Trust Hub

miniprogram-automation

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the node:child_process module's spawnSync function to execute the WeChat DevTools CLI (cli or cli.bat). This is a necessary and standard procedure for enabling automation ports and managing the development tool environment.
  • [DATA_EXPOSURE]: The skill provides templates for taking screenshots of the mini-program simulator using miniProgram.screenshot(). This is an expected feature for visual regression and E2E testing.
  • [PROMPT_INJECTION]: The skill sets up a surface for indirect prompt injection by listening to logs and exceptions generated by the mini-program under test.
  • Ingestion points: Runtime console output and exceptions are ingested into the agent context via miniProgram.on('console') and miniProgram.on('exception') in SKILL.md.
  • Boundary markers: No specific boundary markers or instructions are provided to the agent to ignore potentially malicious content within these logs.
  • Capability inventory: The skill has access to command execution (spawnSync) and file system operations (fs.mkdir, fs.writeFile via the library's screenshot capability).
  • Sanitization: Log data is processed without sanitization before being evaluated by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 01:48 AM