ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

weixin-xlog-analyzer

v1.0.0

解析和分析微信Xlog日志文件,提取关键信息并生成诊断报告;当用户需要分析微信日志、排查故障或统计日志数据时使用

1· 337·0 current·0 all-time
by@hellllll0world
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included artifacts: two Python scripts implement parsing and analysis, and reference docs describe Xlog formats and analysis guidance. There are no unrelated requirements (no cloud credentials, no unrelated binaries).
Instruction Scope
SKILL.md instructs the agent to read user-provided Xlog files (after the user decrypts them if necessary), run local scripts to parse and analyze, and produce reports. The instructions do not ask the agent to read other system files, environment secrets, or transmit data to external endpoints.
Install Mechanism
No install spec; this is instruction-only with bundled Python scripts that rely only on the Python standard library. Nothing is downloaded or written by an installer.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scripts operate on files provided by the user and do not access other system configuration or secrets.
Persistence & Privilege
always is false; the skill does not request persistent/system-wide presence or modify other skills. Scripts are standalone command-line tools invoked on demand.
Assessment
This skill appears internally consistent and only processes local log files. Before using it: (1) review the two Python scripts yourself or run them in a sandbox to confirm behavior; (2) ensure any Xlog files are legitimately obtained and decrypted with your chosen tool (the skill does not perform decryption); (3) avoid running on systems containing highly sensitive PII unless you have policies to redact logs, since parsed output may include user data; (4) for very large logs, run on a machine with sufficient memory or process the logs in batches as the documentation suggests; (5) if you need networked/automated analysis, confirm you are comfortable extending the scripts — as provided they do not exfiltrate data or make network calls.

Like a lobster shell, security has layers — review code before you run it.

latestvk976yxc418qymef2e62y9pjg0h81y1e5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments