WeCom文件发送
PassAudited by ClawScan on May 10, 2026.
Overview
This is a straightforward WeCom file-sending helper, but users should verify the exact local file and recipient before sharing.
This skill appears benign and purpose-aligned. Before using it, make sure you specify the exact file to send, review the selected path, and confirm the WeCom recipient, especially for business or private documents.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the wrong path is selected, a local file could be sent unintentionally.
The skill tells the agent to locate local files and emit a MEDIA directive that sends a file. This is the core function, but it is still a sensitive tool action.
在回复中单独一行使用 MEDIA: 指令,后面跟文件的本地路径。... 使用 ls 命令查找文件
Use this skill with explicit file names or paths, and confirm the intended file before sending.
Business or private files in the workspace could be shared through WeCom when requested.
The skill sends local workspace files, including a business-work directory, through the WeCom communication channel. The destination channel is disclosed and purpose-aligned, but it crosses a data-sharing boundary.
将本地文件通过企业微信发送给用户... 公司业务目录: `~/.openclaw/workspace/memory/companywork/`
Verify the WeCom recipient and avoid broad requests that could match sensitive files.