baoyu-post-to-wechat
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes platform-specific system utilities (osascript on macOS, powershell.exe on Windows, and xdotool/ydotool on Linux) to automate desktop interactions such as keystrokes and system clipboard management for the browser-based publishing workflow.\n- [COMMAND_EXECUTION]: Browser automation is implemented using the Chrome DevTools Protocol (CDP) and the agent-browser CLI, which involve evaluating JavaScript within the browser context to interact with the WeChat Official Account editor interface.\n- [EXTERNAL_DOWNLOADS]: The publishing scripts can fetch and download images from remote URLs specified in the user's content to prepare them for upload to the WeChat platform.\n- [COMMAND_EXECUTION]: For specialized clipboard operations on macOS, the skill dynamically generates and executes temporary Swift scripts to handle image data transfers accurately.
Audit Metadata