weixin-article-to-obsidian-cn
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/download_weixin_article.pyutilizessubprocess.runto call theopenclicommand if it is installed on the system. This external tool is used to help download and convert article content. The script passes arguments as a list rather than a shell string, which prevents command injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The skill performs network requests to
mp.weixin.qq.comand WeChat's image CDN (mmbiz.qpic.cn) using theurllib.requestlibrary. These operations are essential for its primary function of archiving articles and are restricted to the domains relevant to the skill's stated purpose. - [SAFE]: The skill implements a security check using
Path.relative_toto ensure that the target directory for saving Markdown files remains within the specified Obsidian vault root. This prevents path traversal attacks that could otherwise allow writing files to arbitrary locations on the system.
Audit Metadata