yao-weread-skill
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill runs
scripts/generate_weread_report.pyto aggregate reading data. This is a standard and expected operation for the skill's primary function. - [EXTERNAL_DOWNLOADS]: The generated HTML reports include script tags for loading ECharts from
cdn.jsdelivr.net. This is a trusted, well-known service for serving public libraries. - [DATA_EXFILTRATION]: Reading data is retrieved from the official WeChat Reading API (
i.weread.qq.com) and stored locally. No evidence of data being sent to untrusted third-party domains was found. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted user content (highlights and reviews) from the reading platform.
- Ingestion points:
fetch_reviewsandfetch_note_detailfunctions inscripts/generate_weread_report.pyingest data from API responses. - Boundary markers: None; the data is used for display only and not passed back to the agent as instructions.
- Capability inventory: Local file writing via
Path.write_textinscripts/generate_weread_report.py. - Sanitization: Employs
escape_htmlandjson.dumpsto sanitize content before embedding it in the HTML report, preventing script injection. - [DYNAMIC_EXECUTION]: The produced HTML report utilizes
new Functionto parse serialized chart configuration options for ECharts. This is a localized browser-side operation for the visualization library and does not pose a threat to the agent's execution environment.
Audit Metadata