Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wechat Automation
v1.1.0微信RPA自动化技能。基于pywechat3(pip install pywechat127)实现Windows PC微信自动化操作,包括发消息、批量群发、读取聊天记录、获取通讯录、自动回复、朋友圈管理等。当用户需要操作微信(发消息、查记录、自动回复等)时激活。
⭐ 0· 22·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the included scripts: sending messages, batch send, reading messages, and getting contacts. However the code and documentation repeatedly assume a local developer checkout at D:\code\pywechat3 (sys.path.insert calls and '本地源码' references), which is not explained and is unnecessary if the package is installed from PyPI. This hard-coded local-path reliance is inconsistent with a general-purpose skill distribution.
Instruction Scope
SKILL.md directs the agent/user to run pip install and to run scripts; it also instructs generating .bat files for the user to double-click on the real desktop due to sandboxing. The scripts access the Windows registry, the user's Desktop, and may write .bat files — registry and filesystem access are explainable for detecting WeChat and creating launchers, but the instructions assume/encourage executing code on the user's machine outside the sandbox which increases risk. The repeated imports that prepend D:\code\pywechat3 broaden the scope unexpectedly (uses local code rather than just installed packages).
Install Mechanism
There is no formal install spec (instruction-only), but SKILL.md asks to run pip install pywechat127 and other packages from PyPI. Installing third-party packages is expected for this functionality, but pip installs run arbitrary code from the network — review the pywechat127 package and its maintainers before installing. No downloads from obscure URLs or extract-from-remote archives were found in the skill bundle itself.
Credentials
The skill does not request environment variables or credentials. It legitimately accesses Windows registry (to detect WeChat), filesystem (to create .bat on Desktop and read user-provided JSON configs), and runs subprocess checks (where). Those accesses are proportionate to automating a Windows desktop app, but users should be aware the skill reads system state and writes files to the desktop.
Persistence & Privilege
always is false and the skill does not request permanent platform privileges. It does generate .bat files for manual execution and may suggest modifying PATH via library helpers, but it does not modify other skills or claim force-inclusion.
What to consider before installing
This skill implements WeChat UI automation but has a few red flags to consider before installing:
- The scripts assume a local developer path (D:\code\pywechat3). If that path doesn't exist, the included scripts will fail or may try to use an undeclared local copy; confirm whether you should install pywechat127 from PyPI or provide/inspect a local copy first.
- Installing required packages uses pip (network install). Inspect the pywechat127 package and its source (the README points to GitHub) before installing into any environment.
- The skill will read the registry to find WeChat and write .bat files to your Desktop for out-of-sandbox execution; only run generated .bat files that you review and trust.
- Because the tool automates sending messages, avoid using it for bulk/unsolicited messaging — it can trigger account restrictions and may violate service terms.
Recommendations: inspect the included scripts (especially any unexpected network calls), confirm whether you want to install pywechat127 into a disposable or virtual environment, remove or fix hard-coded sys.path references if you plan to run inside your environment, and prefer running the code on a controlled Windows machine rather than blindly double-clicking generated .bat files. If you need higher assurance, ask the publisher for clarification about the D:\code\pywechat3 dependency and for a formal install procedure.Like a lobster shell, security has layers — review code before you run it.
latestvk975zegvy335remventhatgqcs84k0jq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.