Wjs Publishing Wechat

VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If that external repository changes or is compromised, the agent may run unreviewed code while handling your article drafts and local authentication.

Why it was flagged

The skill requires installing an external GitHub repository directly into the agent skills directory without a pinned commit, checksum, or reviewed source in this artifact set.

Skill content

`gpt-image-2-skill` must be installed:

git clone https://github.com/Wangnov/gpt-image-2-skill /tmp/g
cp -r /tmp/g/skills/gpt-image-2-skill ~/.claude/skills/

Recommendation

Review and pin the external dependency before installing, or use a known commit/checksum and avoid copying unreviewed skills into the agent skills directory.

What this means

Local command execution is expected for this workflow, but it means the helper code runs on your machine under your user account.

Why it was flagged

The skill intentionally executes a Node.js wrapper from the external gpt-image-2-skill package to generate images.

Skill content

RESULT=$(node "$WRAPPER" --json --provider codex images generate \

Recommendation

Run the scripts only after verifying the helper dependency and from article folders you trust.

What this means

The skill can use accounts that may incur image-generation cost and can create drafts in the configured WeChat Official Account.

Why it was flagged

The workflow depends on local Codex authentication and WeChat Official Account API credentials.

Skill content

Only supported: Codex `~/.codex/auth.json` ... `md2wechat` CLI installed and configured with `WECHAT_APPID` + `WECHAT_SECRET`

Recommendation

Use least-privilege credentials where possible, confirm the configured WeChat account, and do not run the upload step until the draft and target account are correct.

What this means

Running the script can place article content and images into your WeChat Official Account drafts, although it does not appear to publicly publish the article by itself.

Why it was flagged

The upload helper uses md2wechat to upload images and create a WeChat draft, which mutates the configured account's draft area.

Skill content

md2wechat upload_image cover.png ... md2wechat create_draft draft.json

Recommendation

Treat upload-draft.sh as an account-changing action; inspect the generated files first and run it only when you intend to create a WeChat draft.

What this means

Private drafts may be sent to the image-generation provider before publication.

Why it was flagged

The illustration generator reads the full article markdown and sends it as instructions to the external Codex-backed image-generation wrapper.

Skill content

article  = open(sys.argv[2]).read() ... --provider codex images generate ... --instructions "$INSTRUCTIONS"

Recommendation

Do not use the automatic image-generation step for confidential drafts unless you are comfortable sending the article content to the configured provider.