v1.0.0

Wechat Article Auto Gen

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 8:18 AM.

Analysis

Review before installing because the skill embeds a third-party image-generation API key even though no credential requirement is declared.

Guidance: Do not rely on the embedded API key. Install only if you are comfortable with a workflow that fetches reference articles, sends image prompts to a third-party provider, and produces marketing HTML; provide your own scoped image-generation credential, verify the publisher metadata, and review all generated content before publication.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
_meta.json
"ownerId": "kn70pywhg0fyz996kpa8xj89s57yhv26"

The _meta.json ownerId differs from the registry owner ID shown in the submitted metadata, creating a provenance inconsistency users should verify.

User impact: Publisher identity is less clear, so users may have a harder time confirming who maintains the skill.
Recommendation: Verify the publisher/owner in ClawHub before installing and ask the maintainer to align the registry metadata and package metadata.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
wechat-article-auto-gen/
├── config.py
├── scraper.py
├── rewriter.py

The documentation references helper implementation files, but the provided package is instruction-only with no code files present.

User impact: The actual implementation, if created or obtained separately, is not covered by this artifact review.
Recommendation: Treat the included snippets as instructions only, and review any separately supplied scripts before running or letting an agent execute them.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
def rewrite_article(source_url, brand="MUX"):
    ...
    raw = scrape_article(source_url)
    ...
    rewritten = llm_rewrite(raw, prompt=...)

The core workflow fetches and rewrites articles from a supplied URL, which is purpose-aligned but should remain user-directed and compliant with source rights.

User impact: The agent could fetch and reuse third-party content; users are responsible for choosing appropriate sources and reviewing the rewritten output.
Recommendation: Only provide authorized or permissible reference articles, and review generated HTML for copyright, accuracy, and brand-compliance issues before publication.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
"VOLCANO_CONFIG = { "api_key": "565ec265-...-c3d37c6a6198", "api_url": "https://ark.cn-beijing.volces.com/api/v3/images/generations" }"

The skill embeds a credential-looking API key for a third-party image service, while the submitted requirements declare no primary credential or required environment variables.

User impact: A user's agent may use an unknown account's API credential, which could expose prompts/images to that account, create billing or quota impact, or fail unexpectedly if the key is revoked.
Recommendation: Remove the embedded key, rotate it if it is real, and require each user to provide their own scoped credential through the platform's credential or environment-variable mechanism.