Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Welight Official Account Formatting and Publishing
v1.0.1
Independently turn an article into WeChat Official Accounts compatible Markdown/HTML, present built-in theme choices, and publish to WeChat as a draft or for...
by Ornata @08820048
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, asset themes, and the provided scripts (normalize, list themes, render HTML, publish) are coherent for a WeChat article formatting and publishing tool. The requested functionality (normalize → theme → render → publish) is implemented by the included files.
Instruction Scope
SKILL.md explicitly allows inputs from pasted text, files, or URLs and says publishing occurs only if runtime has publishing prerequisites. The scripts perform web fetches (to fetch article URLs and to upload images / call WeChat APIs). That network activity is expected for the stated purpose, but it means the tool will fetch arbitrary URLs the user supplies and will perform outbound calls to WeChat (or an optional proxy).
Install Mechanism
There is no install spec — this is instruction/code-only. No remote downloads or package installs are performed by the skill itself, so there is no high-risk install mechanism in the bundle.
Credentials
Registry metadata lists no required env vars or primary credential, but the runtime docs and publish script read WECHAT_APP_ID, WECHAT_APP_SECRET, WECHAT_PROXY_ORIGIN, and WECHAT_AUTHOR (via args, config file, or environment). The skill will require valid WeChat credentials to publish; omitting these from the declared requirements is a misalignment and a transparency/privilege concern.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does perform network I/O for publishing and fetching, but that is consistent with its purpose and is not granted implicitly beyond normal autonomous invocation.
What to consider before installing
This skill appears to implement exactly what it claims (formatting, theme application, and publishing to WeChat). However, the package metadata omitted the runtime credentials it actually uses. Before installing or providing credentials:
1) Expect the publish flow to require WECHAT_APP_ID and WECHAT_APP_SECRET (or an equivalent config file) and to make outbound calls to api.weixin.qq.com or a configured proxy.
2) Do not supply your WeChat app secret unless you trust the source — prefer testing with a throwaway account or using a proxy that you control.
3) If you will let the agent fetch URLs or accept files, be aware it can reach arbitrary URLs (including internal endpoints if the agent has network access).
4) Review scripts/publish_wechat.py (it uploads images and posts drafts) and test with --dry-run before real publish.
5) If you need higher assurance, ask the author to update the registry metadata to declare required env vars and to document any proxy behavior; otherwise treat the missing credential declaration as a red flag.
Like a lobster shell, security has layers — review code before you run it.
