WeChat Article Writer

Warn

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a coherent WeChat article workflow, but it uses and persists WeChat account/browser authority plus background automation in ways users should review carefully before installing.

Install only if you are comfortable granting the agent WeChat draft-box access and persistent workflow automation. Prefer the official WeChat API path, protect `~/.wechat-article-writer/secrets.json`, avoid broad CDP/browser-session exposure when possible, inspect the setup script before running it, and remove the preview service or heartbeat/AGENTS.md rules if you do not want the workflow to keep resuming automatically.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing and using the skill may give the agent enough authority to create or modify WeChat Official Account drafts using stored secrets or an active browser login.

Why it was flagged

The skill can use WeChat API credentials or a logged-in browser session to save drafts in the user's WeChat Official Account. This is aligned with the purpose, but it is high-impact account authority and the registry metadata declares no primary credential or env vars.

Skill content

Path C (API — recommended): Store appid + appsecret in a credentials file (default: `~/.wechat-article-writer/secrets.json`) ... Path A/B (browser fallback): If no API credentials, the skill automates `mp.weixin.qq.com` via Chrome CDP.

Recommendation

Use a dedicated WeChat app credential/profile if possible, restrict file permissions on the secrets file, and confirm the skill only saves drafts and never publicly publishes without manual action.

What this means

A local process or overly broad browser automation path could potentially control the logged-in WeChat session or change draft content.

Why it was flagged

The fallback publishing path asks the user to run a logged-in Chrome profile with CDP enabled and wildcard remote-origin allowance. That gives broad browser-control capability around an authenticated WeChat session, not just a narrowly scoped publish API.

Skill content

DISPLAY=:1 google-chrome-stable --remote-debugging-port=18800 --remote-allow-origins='*' --user-data-dir=/tmp/openclaw-browser2 ... User must scan QR code to log in to mp.weixin.qq.com (session persists in `user-data-dir`).

Recommendation

Prefer the official API path. If CDP is required, use an isolated browser profile, keep the port local, close Chrome after publishing, remove the temporary profile when done, and avoid using a main browsing profile.

What this means

The agent may continue unfinished article workflows later or across sessions, which could surprise users if drafts, searches, formatting, or account actions resume automatically.

Why it was flagged

The recommended agent configuration makes the pipeline resume automatically from persistent state on heartbeat checks. That is useful for long writing workflows, but it creates ongoing autonomous behavior beyond a single user command.

Skill content

On every heartbeat, check ~/.wechat-article-writer/drafts/*/pipeline-state.json ... If any phase is not "done" and is not a stage waiting on a human → continue execution

Recommendation

Install these heartbeat/AGENTS.md rules only if you want persistent automation. Add clear stop conditions, review pending draft state regularly, and document how to disable or remove the rules.

What this means

Setup may change the local environment and leave a background service running.

Why it was flagged

The setup path runs local installer code and installs runtime/dependency components plus a persistent service. This is disclosed and related to rendering/preview, but it is not represented as a registry install spec.

Skill content

bash <skill-dir>/scripts/setup.sh <workspace-dir> ... Installs: bun runtime, bundled baoyu renderer deps, and a persistent preview server (`wechat-preview.service`, port 8898, auto-restart).

Recommendation

Review `scripts/setup.sh` before running it, confirm where dependencies come from, and know how to stop or uninstall `wechat-preview.service`.

What this means

A saved voice profile could influence future article generation in ways the user may not notice.

Why it was flagged

The workflow uses a persistent voice profile that can contain prompt-like writing instructions. This is expected for style transfer, but persistent profile content can steer future drafts if it is generated from or edited by untrusted material.

Skill content

"writing_prompt_injection": "写作风格应平实易懂,面向普通读者。开篇提出核心问题..."

Recommendation

Treat voice-profile files as trusted configuration, review them after training/import, and avoid copying untrusted instructions into persistent profile fields.