publisher-wechatsync
Warn
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill assembles shell commands by concatenating user-provided inputs, such as file paths and platform identifiers (e.g., wechatsync sync "path/to/article.md"). If these inputs contain shell metacharacters, it could lead to arbitrary command execution.
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install and run an external third-party package (@wechatsync/cli), which increases the risk of executing untrusted code if the package or its source is compromised.
- [PROMPT_INJECTION]: The skill processes external markdown files to extract metadata like titles. A malicious file could contain instructions designed to influence the agent's behavior or bypass constraints when it presents the sync preview or results to the user.
Audit Metadata