weibo-post
AdvisoryAudited by VirusTotal on Mar 22, 2026.
Overview
Type: OpenClaw Skill Name: weibo-post Version: 1.0.0 The skill bundle provides instructions for an AI agent to automate posting content to Weibo (weibo.com) using browser-based actions. The workflow in SKILL.md follows a logical sequence of navigating to the site, inputting text into identified elements, and clicking the send button, with no evidence of data exfiltration, malicious execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A post could be published to the logged-in Weibo account if the agent follows the workflow.
The workflow instructs the agent to click the Weibo send button, which is expected for this skill but publishes account content publicly.
browser(action=act, profile="openclaw", targetId=<targetId>, ref="e36", kind="click")
Use only when you intentionally want to post, and require a final content/account check before clicking send.
The skill may post as the Weibo account already logged into the OpenClaw browser profile.
Opening Weibo with the named browser profile means the skill will act through whatever Weibo login session is present in that profile.
browser(action=navigate, profile="openclaw", url="https://weibo.com")
Before using it, verify the browser profile is logged into the intended Weibo account and avoid sharing that profile with unrelated sessions.