Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wechat Oa
v1.4.0 WeChat Official Account draft-box management toolset. Trigger phrases (any one of them triggers the skill): look at the draft box / view drafts / draft list / official account drafts / search drafts / search for drafts / find drafts by keyword / search by title / create draft / new draft / publish article to official account / push article / update draft / delete draft / batch delete drafts / generate cover image / upload image to official account / upload image to material library / published article list / official account material list / material management / delete...
⭐ 0 · 52 · 1 current · 1 all-time
by Woody @andy8663
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description describe a WeChat Official Account draft manager and the included code and SKILL.md implement that behavior (WeChat API endpoints, draft/material operations). However the SKILL.md header claims "no third‑party dependencies" while README and the Python source import and expect 'requests', 'Pillow' and optionally 'premailer' — an explicit contradiction. The skill also relies on a local config.json containing AppID/AppSecret but the registry metadata lists no required env vars; this mismatch between declared requirements and actual needs is a coherence concern.
Instruction Scope
Runtime instructions are focused on the stated purpose: configuring AppID/AppSecret, adding IP whitelist, and running the Python script to manage drafts/materials. The instructions require reading the local config.json and user-provided HTML/MD files and may perform network calls to weixin API endpoints and to ifconfig.me (to determine public IP). There are no instructions to read unrelated system secrets or to transmit arbitrary local files beyond those provided for article creation, which aligns with purpose.
Install Mechanism
There is no install spec (instruction-only), which is low risk, but the repository and code clearly expect Python packages (requests, Pillow, premailer). The SKILL.md and metadata claim no third‑party dependencies while README and code require them — this inconsistency could cause silent failures or unexpected runtime package installs by users. No downloads from untrusted URLs are present, but the mismatch should be clarified.
Credentials
The skill legitimately needs WeChat credentials (AppID and AppSecret) to call the official APIs; those are stored in a local config.json file (documented). However, the skill declares no required environment variables in the registry metadata, which is misleading. The credential scope itself (WeChat AppID/Secret) is proportional to the stated functionality, but the way credentials are expected (file vs declared env vars) and absence of any declared primaryEnv is inconsistent and worth noting.
Persistence & Privilege
The skill does not request 'always: true' and does not declare system-wide changes. It is allowed to be invoked by the agent (default). It stores credentials locally in config.json (normal for such tools) and does not request elevated or cross-skill configuration access in the provided files.
What to consider before installing
This skill appears to implement a WeChat OA draft manager, but there are inconsistencies you should resolve before trusting it: (1) The project claims "no third‑party dependencies" yet the code and README require requests, Pillow and optionally premailer — install those intentionally and inspect their versions. (2) You must provide AppID and AppSecret in a local config.json; treat that file as sensitive (do not commit it) and consider using a dedicated WeChat account. (3) The tool will read local article files and upload images to WeChat; only run it on content you intend to publish. (4) The SKILL.md suggests calling external services (ifconfig.me) to detect IP for whitelist purposes — be aware this makes an outbound request.

If you plan to install/use this skill: review the full wechat_push.py source, ensure required Python packages are installed from trusted sources, confirm the only network endpoints contacted are the documented WeChat APIs, and ensure your AppID/AppSecret are stored securely (or supplied via environment-managed secret storage) rather than left in world-readable files.

Like a lobster shell, security has layers — review code before you run it.
latest: vk979a1q0dj870q1z91v3ef5x7184tba0
Runtime requirements
📝 Clawdis
Bins: python3
