Wechat Tutorial Editor Publisher
Pass
Audited by VirusTotal on Mar 31, 2026.
Findings (1)
The skill bundle exhibits several high-risk behaviors and security flaws, though clear malicious intent is not established. Most notably, SKILL.md instructs the AI agent to 'encrypt' sensitive WeChat AppID and AppSecret credentials using MD5 and 'decrypt' them later; since MD5 is a one-way hash and cannot be decrypted, this instruction leads to fundamentally broken credential management. Additionally, the bundle starts a local Express server (server.js) without authentication to collect user information and images, and the publish.sh script performs global NPM installations and reads from the sensitive TOOLS.md file to extract secrets. These patterns represent significant vulnerabilities and risky capabilities typical of over-privileged automation tools.
