ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

wecom-doc

v1.0.1

文档与智能表格操作。当用户提到企业微信文档、创建文档、编辑文档、新建文档、写文档、智能表格时激活。支持文档创建/写入和智能表格的创建及子表/字段/记录写入。注意:所有文档创建和编辑请求都应使用此 skill,不要尝试用其他方式处理文档操作。

1· 785·8 current·8 all-time
bywecom@garfileds
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's name and description (WeCom document / smart-sheet operations) align with using a local mcporter CLI to call an MCP server. However the runtime instructions require reading ~/.openclaw/wecomConfig/config.json to auto-configure mcporter (extracting mcpConfig.doc.type and url), but the skill metadata declared no required config paths or credentials. That mismatch (metadata says no config paths but SKILL.md reads a specific user file) is an incoherence.
!
Instruction Scope
The SKILL.md instructs the agent to run shell commands (which mcporter, mcporter list, npm install -g mcporter, cat ~/.openclaw/wecomConfig/config.json, mcporter config add, mcporter call ...) and to automatically continue after installs/configs. Reading the user's ~/.openclaw/wecomConfig/config.json is outside what the registry metadata declared and may expose connection details or secrets; the skill also mandates automatic, seamless continuation after installation/config steps, giving it broad runtime behavior beyond a single explicit user action.
Install Mechanism
Install is via npm package 'mcporter' (node). Using an npm package for a CLI is expected for this use case, but installing globally with 'npm install -g' writes binaries to the system and pulls code from the public registry—this is moderate-risk and should be vetted (confirm package provenance and contents). The install URL/host is a standard package registry (not an arbitrary URL), which is better than downloading an archive.
!
Credentials
The skill declares no required environment variables or credentials, yet its instructions read a local config file that likely contains MCP connection parameters (mcpConfig.doc.{type,url}) and then call mcporter to add that server. The skill therefore accesses configuration data that is not declared in metadata; requesting/using that file may expose sensitive endpoints or secrets without explicit declaration. The number of required secrets is not high, but the undeclared config access is disproportionate to the metadata.
!
Persistence & Privilege
always: true is set in the skill metadata. That forces the skill to be present/eligible in every agent run; combined with the ability to install a global CLI and read a user config file, this increases potential blast radius. The SKILL.md does not present a clear justification for always:true (it claims to activate when user mentions doc tasks), so this is unnecessary privilege.
What to consider before installing
Before installing or enabling this skill, consider the following: (1) Confirm the origin and trustworthiness of the 'mcporter' npm package (review its publisher, repository, and code) because the skill installs it globally. (2) Inspect the file ~/.openclaw/wecomConfig/config.json yourself to see what data it contains—it may hold connection URLs or tokens the skill will read and use. (3) Ask the skill author why metadata omits the config path and why always:true is required; prefer a variant that requires explicit user enablement. (4) If you proceed, avoid granting broad, always-on privileges: disable always:true if possible, and run initial installs in a sandbox or controlled environment. (5) Require explicit user confirmation before the agent performs npm install -g and before it transmits any data to remote endpoints. If you can get the skill source (homepage/repo) or more info about mcporter and the MCP server, share those for a higher-confidence assessment.

Like a lobster shell, security has layers — review code before you run it.

latestvk977txsvj5yvcmyby25w93q00582r8vb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📄 Clawdis
Binsmcporter

Install

Install mcporter (npm)
Bins: mcporter
npm i -g mcporter

Comments