ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

WeChat MP Assistant

v1.0.0

WeChat Official Account Manager - Automatically generate articles, images, SEO optimization, and data analysis. Supports end-to-end operations from topic sel...

0· 67·0 current·0 all-time
by@jason-aka-chen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The declared purpose (manage WeChat Official Accounts: generate/publish content, analyze data) is plausible, and the SKILL.md describes relevant features. However, the skill metadata declares no required credentials or config paths even though the instructions show an appid/secret JSON and describe publishing — a WeChat integration legitimately needs those credentials. Also the SKILL.md references a Python module 'mp_assistant' which is not included and not referenced in the registry metadata or a homepage, so it's unclear where runtime code comes from.
!
Instruction Scope
The SKILL.md tells the agent to install packages (pip install requests wechatpy), configure an appid/secret, and run code that imports 'mp_assistant' to generate and publish content. Because no code files are provided, the instructions implicitly require fetching or installing code from external sources (e.g., PyPI or the internet). The instructions do not limit what external endpoints or image-generation services to use for AI images or multi-platform sync, granting broad discretion to contact arbitrary services. The instructions also perform actions (publishing) that require secrets but do not declare or restrict how those secrets are handled.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md recommends pip installing requests and wechatpy. Suggesting pip installs is common, but installing packages at runtime pulls remote code (PyPI) that will execute locally; because the skill provides no fixed source for the 'mp_assistant' module, the agent might attempt to pip-install unknown packages or fetch code from untrusted locations. This raises moderate risk but is expected for a Python-based integration unless a pinned/verified package or source is provided.
!
Credentials
The instructions explicitly require an Official Account AppID and Secret (sensitive credentials), but the skill metadata lists no required env vars or primary credential. That's a mismatch: a WeChat publish workflow needs those secrets, and the registry should declare them and justify their scope. Additionally, other capabilities mentioned (image generation, multi-platform sync) likely need additional credentials or third-party API keys that are not declared.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide privileges in the metadata. There is no install spec that writes files or modifies other skills' configurations. This dimension shows no elevated privilege by itself.
Scan Findings in Context
[no-findings] expected: The static scanner found no code to analyze (this is an instruction-only skill). Absence of findings is expected for SKILL.md-only packages but does not imply safety.
What to consider before installing
This skill claims to manage and publish to WeChat Official Accounts but does not declare the AppID/Secret or provide the runtime code it references. Before installing or running this skill: (1) ask the publisher for a homepage or source repository and a clear list of required credentials (e.g., WECHAT_APPID, WECHAT_SECRET) and how they are stored/used; (2) do not enter long-lived account secrets until you verify the code; prefer short-lived tokens or a least-privilege account for publishing; (3) be cautious about allowing the agent to pip-install packages — inspect the exact packages and versions (and ideally pin them) and review their source; (4) clarify which image-generation or multi-platform services are used and what additional credentials they require; (5) if you cannot verify the source, run the skill in a sandboxed environment or decline installation. These gaps make the package suspicious rather than clearly benign.

Like a lobster shell, security has layers — review code before you run it.

latestvk97det61m0veaqkz3e3e0y5xzx83dewv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments