wechat-comic-factory

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly coherent for generating WeChat comic drafts, but it uses real API credentials and may create WeChat Official Account drafts as part of the default generation flow without a clearly separate publish confirmation.

Review this skill before installing if you use a real WeChat Official Account. Provide credentials only in a local config.json, keep logs/output private, and confirm whether you want generation-only behavior or automatic draft-box creation.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A request to generate comics could consume model/API credits, upload images/content, and create a WeChat Official Account draft even if the user expected only local generation.

Why it was flagged

The documented default generation command appears to also create a WeChat draft, while the skill's generation instructions do not tell the agent to use --skip_publish or get a separate confirmation before draft creation.

Skill content
README: "Generate and publish directly: python scripts/run_pipeline.py --comic_type ..." and "Generate only, do not publish: ... --skip_publish"; SKILL.md: "When the user asks to generate comics... Execute `python scripts/run_pipeline.py ...`"
Recommendation

Make generation default to --skip_publish, and require an explicit user confirmation before creating or updating any WeChat draft.

What this means

Installing users must provide credentials that can spend API credits and mutate their WeChat Official Account draft box.

Why it was flagged

The skill requires model API keys and WeChat Official Account credentials even though registry metadata lists no primary credential or required environment variables.

Skill content
"text_llm": { ... "api_key": "sk-your-text-api-key" }, "image_llm": { ... "api_key": "sk-your-image-api-key" }, "wechat": { "appid": "wx-your-appid", "appsecret": "your-appsecret" }
Recommendation

Declare these credentials in metadata and advise users to use least-privilege accounts/secrets where possible.

What this means

If logs are shared, backed up, or committed, a cached WeChat access token could be exposed.

Why it was flagged

The code defines a local cache path for a WeChat access token, indicating credential-derived session material may be stored on disk.

Skill content
TOKEN_CACHE_PATH = PROJECT_ROOT / "logs" / "wechat_access_token.json"
Recommendation

Document token caching, set restrictive file permissions where possible, and keep logs/config/output out of source control or shared packages.

What this means

Users may run package installation that was not surfaced in the registry requirements.

Why it was flagged

The README instructs users to install Python dependencies even though the registry says there is no install spec.

Skill content
Install dependencies:

```powershell
python -m pip install -r requirements.txt
```
Recommendation

Add an explicit install spec or registry requirement for the Python dependencies so users can review setup steps before installation.