ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Aws Wechat Article Publish

v1.0.0

将文章发布到微信公众号(API 写入草稿箱或提交发布),含发布前检查。当用户提到「发布」「提交」「群发」「推送」「发出去」「上传到公众号」「发到公众号」「可以发了吗」「发布前检查」时使用。

0· 31·0 current·0 all-time
by@bbd145
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill name/description match the included Python scripts which call the WeChat API and manipulate article files; however the registry metadata declares no required environment variables or primary credential while the code and SKILL.md clearly expect a repository-level aws.env with WECHAT_<N>_APPID and WECHAT_<N>_APPSECRET and a .aws-article/config.yaml. This mismatch (claimed no env vars vs. actual required secrets) is an incoherence.
Instruction Scope
SKILL.md instructs the agent to run the included scripts from the repo root and to read/write repo files (article.yaml, article.html, cover images, .aws-article/config.yaml, aws.env). That scope is consistent with publishing to WeChat. Minor scope creep: article_init reads a possible per-user file in the home dir (~/.aws-article/article.example.yaml), so the code may access a user home config beyond the repo.
Install Mechanism
This is an instruction-only skill with bundled scripts and no install spec or external downloads. No network-install URLs or archive extracts are present. It does rely on Python and optional packages (PyYAML, Pillow) which the SKILL.md/scripts mention but does not provide an automated installer.
!
Credentials
The code requires WeChat credentials (WECHAT_N_APPID and WECHAT_N_APPSECRET in aws.env) and reads .aws-article/config.yaml, but the skill metadata lists no required env vars or primary credential. The skill.json also requests filesystem, network, and shell permissions — filesystem/network are expected for this task, but the absence of declared required credentials is a proportionality/information gap the user should be aware of.
Persistence & Privilege
The skill does not request always: true and is user-invocable only. It writes back to article.yaml within the repo to mark publish_completed (expected behavior). It does not request elevated platform-wide privileges.
What to consider before installing
This skill appears to be a real WeChat publishing helper, but exercise caution: 1) It expects a repository-level aws.env file containing WECHAT_1_APPID / WECHAT_1_APPSECRET (and optionally WECHAT_N_API_BASE) even though the registry metadata doesn't declare these — do NOT put real credentials into repos you don't control. 2) The scripts read and write repo files (article.yaml, article.html, cover images) and may read a user home config (~/.aws-article/...). Review the code (already included) and confirm it only calls official WeChat endpoints (api.weixin.qq.com) before running. 3) Run it in an isolated workspace (or with dummy credentials) to test; install required Python packages (PyYAML, optionally Pillow) manually. 4) If you do not want automatic network publishing, set config.yaml publish_method to 'none' or avoid running the --publish option. 5) If you need higher assurance, ask the author to update registry metadata to declare required env vars and expected file paths so permission/credential needs are explicit.

Like a lobster shell, security has layers — review code before you run it.

latestvk970nxj4zxa8td54g5btgjk9yx8417np

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments