ℹ
Purpose & Capability
The stated purpose (query contacts and send WeChat text messages) aligns with the described API calls (queryFriend, sendText). However, the registry metadata declares no required environment variables, while SKILL.md uses WECHAT_APPID (and even provides a concrete value). That inconsistency should be resolved.
!
Instruction Scope
Instructions direct the agent to call an external endpoint (base URL set to https://192.168.29.1:8080) and to use an appid value embedded in the SKILL.md. The flow itself (query, then confirm, then send) is scoped to messaging, but the hardcoded appid and the use of an IP-address endpoint (likely an internal host) are risky: the agent will send user-supplied message content and contact identifiers to that endpoint. There are no directives to authenticate beyond the appid, and no safeguards limiting what data is transmitted.
✓
Install Mechanism
Instruction-only skill with no install spec or code files. This minimizes disk write/execution risk; no installers or external packages are pulled.
!
Credentials
The registry advertised no required env vars, yet SKILL.md references WECHAT_APPID (and populates it with a concrete value). Hardcoding what appears to be an application credential in SKILL.md is inappropriate for a public skill and suggests either sloppy packaging or unintended exposure of a secret. The endpoint also implies the skill expects a reachable service that is not declared.
✓
Persistence & Privilege
Skill does not request always:true and is user-invocable only. It does not claim to modify other skills or system settings. Autonomous invocation is permitted (platform default) but there are no extra persistence privileges requested.
Scan Findings in Context
[no_code_files_or_scannable_content] expected: The regex scanner had nothing to analyze because this is an instruction-only skill (SKILL.md only). This is expected for an instruction-only integration, but it means behavioral risks come entirely from the SKILL.md content.
What to consider before installing
Do not install blindly. Check the following with the author or maintainer first: (1) ask why the registry lists no required env vars while SKILL.md uses WECHAT_APPID, and ask them to declare and document required credentials rather than embedding them; (2) confirm the intended API base URL: the file currently points at 192.168.29.1 (an internal IP), which could cause the agent to talk to an untrusted local service; replace it with a trusted HTTPS domain; (3) do not use the skill with sensitive messages until you trust the endpoint and credential handling; (4) ask for code or an audited implementation if you need to run this in production. Because the skill will transmit message content and contact identifiers to the configured endpoint, treat the endpoint and credentials as sensitive and validate them out-of-band before use.