baoyu-post-to-wechat

Warn

Audited by Snyk on May 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required browser workflow (SKILL.md Step 4 and scripts/wechat-agent-browser.ts) explicitly opens and snapshots the public WeChat site (https://mp.weixin.qq.com) and parses the DOM and page text to decide which elements to click and fill. The API flow (loadUploadAsset in scripts/wechat-api.ts) fetches arbitrary http(s) image URLs. That is, untrusted third-party web content is ingested and can change navigation and actions.

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: May 21, 2026, 07:44 AM
  • Issues: 1