xfg-zsxq-skills
Warn
Audited by ClawScan on May 18, 2026.
Overview
The skill mostly matches its ZSXQ automation purpose, but it needs review because it stores a full session cookie, can post or reply as the user, includes hard-coded default group targets, and can create recurring agent tasks.
Review this carefully before installing. If you use it, explicitly set the target group for every post/article, avoid enabling cron auto-replies unless you want autonomous public actions, protect ~/.xfg-zsxq/groups.json, and rotate the ZSXQ cookie if you stop using the skill.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user or agent runs the helper without explicitly setting a group, content may be posted or prepared for the wrong community/account context.
The article publishing helper defaults to a hard-coded group ID when --group is omitted, so authenticated drafts or direct publishes could target an unintended ZSXQ group.
`const { cookie, title, content, group = '48885154455258', article = '', publish = 'false' } = parseArgs();`
Require an explicit group for all posting/article commands, remove hard-coded production group defaults, and ask for confirmation before any public publish or comment.
Anyone or any agent process with access to the saved cookie file could potentially act as the user's ZSXQ session until the cookie expires or is rotated.
The skill uses a full browser session Cookie stored in a local config file to act as the user, including posting and reading notifications; this high-impact credential use is not reflected in the registry credential/config declarations.
Copy the full `Cookie` header value from **Request Headers** ... Configuration file: `~/.xfg-zsxq/groups.json`
Only use this with a trusted environment, protect and periodically rotate the cookie, declare the credential/config requirement in metadata, and prefer narrowly scoped tokens if the service supports them.
A scheduled agent could keep running after setup and may post replies using the saved cookie without the user reviewing each action.
The generated cron job is a recurring agent turn, and its message tells the agent it may consider automatic replies, which can extend the skill from notification checking into ongoing account actions.
`schedule: { kind: "every", everyMs: interval * 60 * 1000 }` ... `如果有用户提问,可以考虑自动回帖帮助` ... `enabled: true`
Keep scheduled jobs limited to read-only checks unless the user explicitly enables auto-reply, and require per-action approval or a clearly bounded allowlist for any public response.
