Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wechat Publisher Skill Clean
v1.0.0Automatically collects 15 AI news items and publishes them as HTML drafts to WeChat Official Account with customizable templates and scheduling.
⭐ 0· 37·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md and code require a WeChat AppID/AppSecret and write token/license/usage files, but the registry metadata lists no required environment variables or primary credential — this is an internal mismatch (the skill legitimately needs AppID/AppSecret, but the package metadata does not declare them). Also SKILL.md refers to install/activate scripts (install.sh, activate.py) that are not present in the file manifest.
Instruction Scope
Runtime instructions and publish.py perform network calls to the WeChat API and the news-collection code calls external news APIs/RSS feeds. SKILL.md instructs users to supply AppID/AppSecret and to run install/config commands; it also documents a payment/activation flow that implies external interactions. SKILL.md's listed file structure differs from the actual manifest (missing install/activate scripts), which is scope/mapping confusion and raises doubt about what the runtime will actually do.
Install Mechanism
There is no automated installer recorded (instruction-only), and the Python scripts included run using local Python and the requests library. No downloads from arbitrary URLs or archive extraction are present in the manifest — install risk is low. The script will prompt to pip install requests if missing.
Credentials
The code expects WeChat credentials (app_id/app_secret) and optionally reads WECHAT_APP_SECRET from environment variables, which is appropriate for WeChat publishing. However the registry metadata does not declare these required credentials. The skill also stores cached tokens, license and usage files locally; these uses are explainable but the undeclared credential requirement is a red flag.
Persistence & Privilege
The skill does not request always:true and does not appear to modify other skills or system-wide settings. It writes logs, token-cache.json, usage/license files under its own memory directory — standard for this type of utility.
What to consider before installing
This skill appears to implement WeChat publishing code and will need your WeChat AppID and AppSecret (and network access). Before installing: (1) don't rely on the registry metadata alone — verify the skill actually requires and documents app_id/app_secret (it does in SKILL.md and code); (2) confirm you trust the author/where the package came from, because supplying AppSecret gives the skill ability to call your WeChat API; (3) note the package metadata is inconsistent with SKILL.md (missing declared env vars and missing install/activate scripts) — ask the publisher for clarification or a verified source; (4) store the AppSecret securely (use environment variables rather than plain config files, set restrictive file permissions) and review the token-cache/license files the skill writes; (5) if you have any doubt, test in an isolated environment (VM or container) and inspect runtime network requests (to ensure there are no unexpected endpoints) before using it with a production account.Like a lobster shell, security has layers — review code before you run it.
latestvk978efzk7r4anrnqvnjxnsg0ax83r3xa
License
MIT-0
Free to use, modify, and redistribute. No attribution required.