wildix-get-unread-messages

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local bash script (scripts/get-unread.sh) which uses a Python heredoc to process JSON data and fetch channel details in batches.
  • [EXTERNAL_DOWNLOADS]: Communicates with official vendor APIs at api.x-bees.com and chat.wildix-chat.com to exchange tokens and retrieve message counts and content.
  • [SAFE]: Includes explicit safety instructions in SKILL.md directing the agent to treat fetched message content as untrusted data, effectively mitigating potential indirect prompt injection attacks from chat history.
  • [SAFE]: Peer skill installation and authentication logic use the vendor's official repositories and standard environment-based secret management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 04:35 PM
Security Audit — agent-trust-hub — wildix-get-unread-messages