WeChat Send
Security checks across malware telemetry and agentic risk
Overview
The skill’s WeChat-sending purpose is clear, but its script inserts contact and message text directly into AppleScript, which could let crafted text run unintended macOS automation commands.
Review this skill before installing. Its WeChat automation behavior is disclosed, but it should be fixed to safely escape contact and message text before passing them into AppleScript. If used, send only simple reviewed text, use unambiguous recipient names, and consider adding a manual confirmation step before messages are sent.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted contact name or message could cause the Mac to run unintended AppleScript actions under the same desktop permissions used to control WeChat.
The contact and message arguments are embedded directly into AppleScript source without escaping. If either value contains quotes or AppleScript syntax, it can alter the osascript program rather than being treated purely as text.
keystroke \"$CONTACT\" ... set the clipboard to \"$MESSAGE\"
Escape AppleScript string values safely, pass values through environment variables or stdin, and avoid constructing executable AppleScript source directly from message text.
A message may be sent to the wrong WeChat contact if the search result is not the intended person.
The skill sends by GUI automation and selects the first WeChat search result, which is disclosed but can misdirect messages if names are ambiguous.
Types the contact name, selects the first result (Enter) ... If the contact search returns wrong results, the message goes to the wrong person
Use exact, distinctive contact names and consider adding a confirmation step before pressing Enter to send.
Messages are sent from the user’s real WeChat account and may be visible to recipients as normal user-sent messages.
The skill uses the user’s existing logged-in WeChat identity to send messages. This is expected for the purpose, but it is delegated account authority.
WeChat for Mac installed and **logged in** ... controls the WeChat GUI on your Mac to send messages on your behalf
Only invoke this skill when you intend to send the exact message from your WeChat account, and review recipient names carefully.