Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results below before using it.

微盛企微管家SCRM (Weisheng WeCom Manager SCRM)

v1.0.3

Trigger when the user needs to query or manage customer information, customer tags, customer groups, marketing materials, live QR codes, mass messaging, follow-up records, chat records, contacts, opportunities, reports, lotteries, customer schedules and related business capabilities in Weisheng WeCom Manager (企业微信 / WeCom) SCRM. Trigger in these WeCom customer-operations and management scenarios even when the user does not explicitly mention SCRM, WeCom Manager, open interfaces or APIs.


Install

Install with OpenClaw (prompt flow)

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for fangfang19/wecom-weisheng-scrm.

Install & Setup prompt:
Install the skill "微盛企微管家SCRM" (fangfang19/wecom-weisheng-scrm) from ClawHub.
Skill page: https://clawhub.ai/fangfang19/wecom-weisheng-scrm
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI (bare skill slug):

openclaw skills install wecom-weisheng-scrm

ClawHub CLI:

npx clawhub@latest install wecom-weisheng-scrm

Security Scan

Capability signals: Requires OAuth token · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

[!] Purpose & Capability
The repository and SKILL.md clearly require a personal APP KEY (SCRM_APP_KEY) to call the open.wshoto.com APIs and to fetch tokens, which is consistent with the skill's stated purpose. However, the registry metadata declares no required environment variables and no primary credential, which is inconsistent with the code and README, both of which require SCRM_APP_KEY. The skill also reads and writes local shell profiles and caches tokens to disk; that is plausible for this integration, but it expands the footprint well beyond a read-only skill.
[!] Instruction Scope
SKILL.md and references/agent-runbook.md explicitly instruct the agent to run local scripts (python3 scripts/scrm.py and others), to run check-env immediately, to restore and then immediately execute an exported command (export_hint) that contains the APP_KEY, and to persist the APP_KEY into shell profiles via set-app-key. The runbook mandates executing script output (the export command) with no extra confirmation step. Letting script output construct shell commands that the agent then executes is the core risk: if the code or its output is tampered with, the tampering becomes a command the agent runs with the user's privileges. The skill also reads shell profile files and Windows registry keys to recover credentials, which is functionally coherent but touches sensitive locations.
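The safer alternative to "execute whatever export_hint returns" is to parse the hint and set the variable in-process, so script output can never become a command. The following is an added example, not the skill's own code and not part of this ClawHub page; it assumes the hint has the shape `export SCRM_APP_KEY='...'` as the scan describes, and the permitted value character class and length bounds are assumptions made for the example:

```python
import os
import re

# Assumed shape of the check-env export_hint described in the scan: exactly one
# "export SCRM_APP_KEY='<value>'" line. The value character class and length
# bounds are assumptions for this example, not something the skill documents.
EXPORT_HINT_RE = re.compile(r"^export SCRM_APP_KEY='([A-Za-z0-9_\-]{8,128})'$")


def parse_export_hint(hint: str):
    """Return the APP_KEY if `hint` is exactly one well-formed export line, else None.

    Anything that would change the meaning when handed to a shell (a second line,
    a ';' or '&&' chained command, '$(...)', backticks, a different variable name)
    fails the match and is rejected instead of being executed.
    """
    lines = hint.splitlines()
    if len(lines) != 1:
        return None
    match = EXPORT_HINT_RE.fullmatch(lines[0].strip())
    return match.group(1) if match else None


def apply_export_hint(hint: str, env=None) -> bool:
    """Make SCRM_APP_KEY effective for this process without invoking a shell.

    This replaces the runbook's "execute the export command" step: the hint is
    parsed, not eval'd, so script output can never become an arbitrary command.
    `env` defaults to os.environ; a dict can be passed for testing.
    """
    target = os.environ if env is None else env
    key = parse_export_hint(hint)
    if key is None:
        return False
    target["SCRM_APP_KEY"] = key
    return True


if __name__ == "__main__":
    # Constructed sample outputs: one legitimate hint and one tampered with.
    good = "export SCRM_APP_KEY='abcdefgh1234'\n"
    bad = "export SCRM_APP_KEY='abcdefgh1234'; curl https://evil.example/x"
    print(parse_export_hint(good))  # abcdefgh1234
    print(parse_export_hint(bad))   # None
```

The variable still only lives for the current process, which is the point: nothing is appended to a shell profile, and a tampered script can at most fail validation, not run a command.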
Install Mechanism
There is no remote download/install step in the skill manifest; install.sh only creates a symlink into ~/.openclaw/skills. No network-based installer or third-party package fetch is used. This is lower install-surface risk compared with fetching an external archive.
[!] Credentials
Requesting SCRM_APP_KEY and using it to obtain an access_token is proportionate to the described purpose. However, the registry metadata omission (no declared required env vars) is misleading. The skill also persists the secret into shell profile files and caches tokens and identity to disk (.cache/, logs/), which is convenient but extends the exposure and persistence of sensitive data beyond a single-run scope.
[!] Persistence & Privilege
The skill persists the APP_KEY into shell profile files via set-app-key, writes token and identity caches under .cache, and logs to logs/scrm.log. SKILL.md instructs the agent to immediately execute the export command returned by check-env (export_hint) so that the variable takes effect in the current shell, which means the agent runs a shell command constructed from script output. The skill is not marked 'always:true', but it still requests ongoing local presence plus the ability to modify shell startup files and write caches; that combination increases the blast radius if the skill or its outputs are tampered with.
What to consider before installing

  • The skill needs a personal APP KEY (SCRM_APP_KEY) to work, but the registry entry declares no required env vars. Assume the skill will ask for and store your APP_KEY, and verify you trust the source before providing it. Note that the guided install prompt above tells OpenClaw to rely only on metadata it can verify from ClawHub, so an agent following that prompt will learn about the APP_KEY requirement only when it reads SKILL.md after installation.
  • The runbook tells the agent to run local Python scripts and to automatically execute an export command containing your APP_KEY (export SCRM_APP_KEY='...'). The skill will therefore run shell commands and persist the APP_KEY into your shell profile and into local cache files. Proceed only if you are comfortable with the skill modifying your shell profile and storing secrets on disk.
  • The code communicates with https://open.wshoto.com (the intended service) and includes domain whitelisting for document fetches, which is consistent with its purpose, but review the code yourself, or have a trusted reviewer do so, to confirm there is no hidden exfiltration to other endpoints.
  • Recommended mitigations: install only from a trusted publisher; review the scripts for unexpected network endpoints or command execution; test in an isolated environment or VM first; do not provide highly privileged account credentials unless necessary; set SCRM_APP_KEY manually in a controlled way rather than letting the skill persist it; restrict file permissions on .cache and logs if you proceed.

If you want, I can list the exact locations where secrets are read and written and point to the lines in the scripts that implement export_hint, set-app-key and the profile writes so you can inspect them more closely.
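The "review the scripts for unexpected network endpoints or command execution" step above can be started mechanically before a human reads the code. The following is an added example written for this page, not the skill's own code and not a ClawHub tool; it assumes open.wshoto.com is the only expected host (extend ALLOWED_HOSTS with whatever the skill's own document-fetch whitelist legitimately uses), and the skill tree it scans is constructed inline for demonstration, not a copy of the real scripts:

```python
import re
import tempfile
from pathlib import Path

# Hosts the page says the skill legitimately contacts. Assumption for this example:
# extend it with whatever the skill's own document-fetch whitelist allows.
ALLOWED_HOSTS = {"open.wshoto.com"}

# Shell startup files the scan says set-app-key may write to (assumed list).
SHELL_PROFILES = (".bashrc", ".bash_profile", ".zshrc", ".zprofile", ".profile")

URL_RE = re.compile(r"https?://([A-Za-z0-9.\-]+)")
# Primitives that turn strings (such as script output) into executed commands,
# plus the Windows registry module the scan mentions.
EXEC_RE = re.compile(
    r"\b(?:subprocess\.\w+|os\.system|os\.popen|eval|exec)\s*\(|shell=True|\bwinreg\b"
)
REVIEW_SUFFIXES = {".py", ".sh", ".md"}


def review_skill(skill_dir: str) -> dict:
    """Static pass over a skill tree; returns locations worth a human look.

    Heuristic by design: a hit means "read this line", not "malicious".
    """
    root = Path(skill_dir)
    findings = {"unexpected_hosts": set(), "profile_writes": [], "exec_primitives": []}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix not in REVIEW_SUFFIXES:
            continue
        text = path.read_text(errors="replace")
        rel = path.relative_to(root).as_posix()
        for host in URL_RE.findall(text):
            if host.lower() not in ALLOWED_HOSTS:
                findings["unexpected_hosts"].add(host.lower())
        for lineno, line in enumerate(text.splitlines(), 1):
            if any(p in line for p in SHELL_PROFILES):
                findings["profile_writes"].append(f"{rel}:{lineno}")
            if EXEC_RE.search(line):
                findings["exec_primitives"].append(f"{rel}:{lineno}")
    return findings


def build_sample_skill() -> str:
    """Write a constructed, hypothetical skill tree to a temp dir (not the real skill)."""
    root = Path(tempfile.mkdtemp(prefix="skill-review-"))
    (root / "scripts").mkdir()
    (root / "scripts" / "scrm.py").write_text(
        "import os, subprocess\n"
        "API = 'https://open.wshoto.com/openapi'\n"
        "def set_app_key(k):\n"
        "    with open(os.path.expanduser('~/.zshrc'), 'a') as f:\n"
        "        f.write(f\"export SCRM_APP_KEY='{k}'\\n\")\n"
        "def run_hint(h):\n"
        "    subprocess.run(h, shell=True)\n"
    )
    (root / "scripts" / "telemetry.py").write_text(
        "import urllib.request\n"
        "urllib.request.urlopen('https://collector.example.net/ping')\n"
    )
    return str(root)


if __name__ == "__main__":
    for kind, hits in review_skill(build_sample_skill()).items():
        print(kind, sorted(hits))
```

Run it against ~/.openclaw/skills/<skill> after install (the page says install.sh only symlinks the checkout there, so the files are the ones the agent will execute). Every reported line should be explainable by the runbook; an unexplained host or a shell=True call on script output is exactly what the scan verdict asks you to look for.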


latest: vk970jyz9y948w29vr4wejaa5vx85cdhg
64 downloads · 0 stars · 1 version · Updated 5d ago · v1.0.3 · MIT-0

微盛企微管家SCRM (Weisheng WeCom Manager SCRM)

Weisheng WeCom Manager SCRM targets WeCom customer-operations scenarios and helps teams query, collaborate and execute more efficiently across customers, communities, materials, live QR codes, mass messaging, conversations and opportunities.

This Skill covers customer information, customer tags, customer groups, materials, live QR codes, mass messaging, follow-up records, conversation archives, contacts, opportunities, product catalog, reports, lotteries and schedules. You can ask in plain business language, for example "Show me customers added in the last 7 days", "Show this customer's tags and follow-up status" or "Check the customer groups or the mass-messaging status".

Contact support

For human assistance, install the skill and then type 「联系专属客服」 (contact dedicated customer service).

Usage notes

Once the Skill is triggered, first give the user a short introduction: Weisheng AI WeCom Manager SCRM is a WeCom-based AI chat, marketing and service platform that assists with customer operations, community marketing, SCRM and conversation management; this skill supports querying or managing customer information, customer tags, customer groups, materials, live QR codes, mass messaging, follow-up records, conversation archives, contacts, opportunities, reports, lotteries, customer schedules and related capabilities; for further support, contact dedicated customer service.

Once the Skill is triggered, the agent must first read references/agent-runbook.md and follow its call flow strictly (including the order of check-env and check-identity); steps must not be skipped or re-sequenced by the agent.

Suggested prompts

  • Show me recent new customers and the key customers to follow up.
  • Show me this customer's tags, follow-up records and chat activity.
  • Summarize the current customer groups and mass-messaging status.
  • Show me recent live QR code and material activity.

Handling principles

  • Reply in business language by default: state the conclusion first, then what information is still missing or what the next step is.
  • When more conditions are needed, ask the user for business details first: time range, customer name, tags, staff, mass-messaging scope and so on.
  • Query requests can be handled directly; write operations (create, edit, delete, send) must be confirmed by the user before they are executed.
  • If the user's current mode cannot execute commands or scripts, first prompt them to switch to Craft or another mode with execution capability.

When replying to ordinary users, do not proactively expose internal terms such as service_name, api_path, doc_url, biz_params, JSON or proxy calls unless the user explicitly asks to see them.

Document index

Document                      Description
references/guide.md           Usage reference and common business scenarios
references/examples.md        Sample questions and usage examples
references/agent-runbook.md   AI execution handbook (flow, command reference, permissions, error handling, data dependencies)
references/file-utils.md      File upload and download (local image to public URL)
