Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
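WeWe RSS Article Reader
v1.0.0 Reads the article list or article body of a specified WeChat public account; requires a locally running WeWe RSS service, and supports parsing article content HTML into plain text.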
by Kai @agasding
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to read WeChat public account article lists and content from a local WeWe RSS service and a local sqlite DB; requiring local service and DB access is coherent with that purpose. However the SKILL.md expects specific project paths under ~/.openclaw/workspace and a tools config file, which the registry metadata did not declare — this assumption about local workspace layout should be confirmed.
Instruction Scope
The runtime instructions explicitly tell the agent to inspect local files (tools\wewe-rss-config.txt, ~/.openclaw/workspace paths), open a sqlite DB, run netstat, and call a deploy skill. They also reference reading .env AUTH_CODE if API returns 401. Those file reads and DB queries are beyond simple remote API calls and will access local data; the skill did not declare it would read .env or local DB files. The instructions also mix Windows-style and POSIX paths and use platform-specific commands (PowerShell netstat), which is inconsistent and could cause unexpected behavior on some hosts.
Install Mechanism
This is instruction-only with no install spec or code to download, so it does not perform any automatic installations. That reduces supply-chain risk, though it relies on an external local service (wewe-rss) which may itself require installation (via the separate wewe-rss-deploy skill).
Credentials
The skill declares no required environment variables but the documentation references an AUTH_CODE in a .env and uses ~/.openclaw workspace files. Accessing a .env or other local config with credentials is disproportionate without explicit declaration. The skill may read local secrets (AUTH_CODE) and a local sqlite DB; the registry should list any required credentials or config paths.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform-wide privileges. It does instruct invoking another skill (wewe-rss-deploy) to install the service if missing, which is normal but means you should also review that deploy skill before allowing autonomous actions.
What to consider before installing
This skill is mostly what it says — it expects a local WeWe RSS service and will read local workspace files and a sqlite DB. Before installing: (1) confirm you run/trust the local http://localhost:4000 WeWe RSS service and understand where its DB resides, (2) ensure you have no sensitive secrets (AUTH_CODE or others) in ~/.openclaw/workspace or a .env that you don't want read, (3) review the separate wewe-rss-deploy skill before allowing deployment, and (4) be aware the SKILL.md mixes Windows and POSIX paths and uses netstat; test in a safe environment first. If possible, ask the publisher to declare required config paths and any env vars (like AUTH_CODE) in the registry metadata.
