WeChat Article Scraper Pro
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill enables real SkillPay billing, but the included scraper appears to be demo/simulated and its billing and credential handling are unclear.
Review the payment behavior before installing or running this skill. It appears to use real SkillPay billing while its scraper logic is marked as simulated/demo, and it includes a hardcoded billing API key. If you test it, use an isolated environment, avoid paying until functionality is verified, and check/delete the local data directory afterward.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may pay or recharge expecting a working WeChat scraper but receive demo/fake results instead.
Real payment mode is enabled by default, while the scraper implementation states it returns simulated data and needs replacement with real scraping logic.
TEST_MODE = False ... # This is simulated data; replace it with real scraping logic for actual deployment
Do not enable real billing until the implemented functionality matches the description; clearly label demo behavior before payment.
The user may not understand whether they are paying per call, recharging a minimum balance, or being charged a different amount than advertised.
SKILL.md advertises a 0.001 USDT per-use fee, but the code sends a zero amount for charge and requests an 8-unit payment link, making the actual billing behavior unclear.
"amount": 0 ... requests.post(f"{BILLING_URL}/payment-link" ... "amount": 8
Make the charge amount, minimum recharge, and refund/verification flow explicit, and ensure the code uses the same pricing stated in SKILL.md.
Billing authority is opaque to the user, and the published key could be abused or rotated unexpectedly, affecting payment reliability and accountability.
A SkillPay secret/billing key is hardcoded into the runnable code and used for API calls, despite registry metadata declaring no primary credential or required environment variables.
SKILLPAY_API_KEY = 'sk_d11f...d3c2e' ... "X-API-Key": SKILLPAY_API_KEY
Move the key to a declared environment variable or managed credential, rotate the exposed key, and document exactly what billing authority it grants.
Future package changes or dependency confusion could affect what code is installed.
The setup installs dependencies directly without version pins or a lockfile.
pip install flask requests beautifulsoup4 pandas
Use pinned versions or a reviewed requirements/lock file and install in an isolated environment.
Scraped or exported content remains on disk after use unless the user deletes it.
The app stores task history and article content persistently in a local SQLite database under the skill directory.
app.config['DATABASE'] = os.path.join(SKILL_ROOT, 'data', 'wechat.db') ... content TEXT
Tell users where data is stored, provide a cleanup option, and avoid reusing stored content as trusted context without review.
