Back to skill
Skillv1.2.5
VirusTotal security
WeChat to Notion · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:56 AM
- Hash
- 7ff084d0907a09439d42bd12a4281b5d46dd6fe400c6830d2167a1ff8a944ad4
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: wechat-to-notion Version: 1.2.5 The skill bundle provides a legitimate utility for archiving WeChat articles to Notion. It includes security-conscious instructions in SKILL.md that explicitly warn the agent against asking for or exposing the Notion API key in chat logs. The implementation in fetch_wechat.py includes a URL whitelist (mp.weixin.qq.com) to prevent SSRF, and both scripts use subprocess.run with argument lists rather than shell strings, which mitigates shell injection risks. The behavior is consistent with the stated purpose and lacks any indicators of malicious intent or data exfiltration.
- External report
- View on VirusTotal