企业微信 AI Bot 对接

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Enterprise WeChat setup helper that stores a bot secret locally as part of its expected configuration flow.

Before installing, confirm you trust the referenced WeCom plugin source, protect your ~/.openclaw config files, avoid sharing or committing the Bot Secret, and consider using pairing or allowlist instead of the default open direct-message policy for production or sensitive workspaces.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The script persists the WeCom secret directly into a local JSON config file, and it does so without any warning, masking, permission hardening, or use of a dedicated secret store. If the config file has weak filesystem permissions, is backed up, synced, or exposed to other local users/processes, the credential can be recovered and used to impersonate or abuse the bot integration.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal