Skills
skills/wulaosiji/skills/content-extractor/Gen Agent Trust Hub

content-extractor

Warn

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to execute the curl system command for fetching web content and downloading media. This is used in the Xiaoyuzhou platform's 'fast mode' extraction logic.
  • [REMOTE_CODE_EXECUTION]: The _extract_wechat method in content_extractor.py attempts to import a module from a hardcoded absolute local filesystem path (/Users/delta/.openclaw/workspace/skills/wechat-article-fetcher), which constitutes dynamic loading from a environment-specific path.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests and downloads media files from various third-party platforms including xiaoyuzhoufm.com, douyin.com, and bilibili.com.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from social media platforms and returns it without boundary markers or sanitization. This creates a surface for indirect prompt injection if the agent processes the extracted text as instructions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 18, 2026, 01:11 AM