Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Baoyu Post To Weibo
v1.76.2
Posts content to Weibo (微博). Supports regular posts with text, images, and videos, and headline articles (头条文章) with Markdown input via Chrome CDP. Use when...
⭐ 1· 739·31 current·32 all-time
by Jim Liu 宝玉 @jimliu
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (post to Weibo) match the delivered assets: scripts to create regular posts and long-form articles, Markdown-to-HTML conversion, Chrome CDP helpers, and clipboard/paste helpers. The declared runtime hint (bun or npx) aligns with the TypeScript/Node/Bun scripts provided. Access to Chrome user-data dirs and DevToolsActivePort is consistent with the approach of reusing a real browser session.
Instruction Scope
SKILL.md instructs the agent to run local scripts from the scripts/ directory, convert Markdown, and drive a real Chrome instance via CDP, including pasting HTML and images using system clipboard and synthetic keystrokes. The scripts intentionally read local files (markdown, images), inspect Chrome user-data directories (DevToolsActivePort), and may run local tools (swift, osascript, xdotool, powershell, ps). These actions are expected for the stated automation but constitute broad local access (file reads, process listing, subprocess execution) — the agent will be able to enumerate Chrome profiles and probe running processes to find a debug port.
Install Mechanism
No install spec is provided (instruction-only skill). All code is included in the package; scripts are run via bun/npx at runtime. No external archive downloads or remote installers are invoked by the skill metadata.
Credentials
The skill does not require credentials or secret environment variables. It optionally respects local overrides (e.g., BAOYU_CHROME_PATH, BAOYU_SHARED_PROFILE) but does not demand them. No unrelated external service keys are requested.
Persistence & Privilege
always:false and no mechanism to force-enable itself. The skill runs one-off local scripts and does not attempt to modify other skills or system-wide agent settings. It spawns subprocesses and interacts with local clipboard/GUI tools as required for browser automation, which is within expected privilege for this functionality.
Assessment
This skill appears to do what it claims: automating Weibo posts by driving a real Chrome browser. Before installing or running it, consider the following:
- It will read files you give it (markdown, images) and also probe local Chrome user-data directories and running processes to find a Chrome debug port. If you reuse your main Chrome profile it may access cookies/sessions present in that profile — use a separate Chrome profile if you want isolation.
- The scripts execute local helper commands (swift/osascript on macOS, xdotool/ydotool on Linux, PowerShell on Windows) and run child processes; ensure those binaries are trusted on your system.
- There are no network exfiltration endpoints in the provided code; however, always prefer to run third-party automation code from a trusted source. If you have privacy concerns, run the scripts in an isolated user profile, inspect EXTEND.md and the scripts you will run, or run inside a disposable environment.
scripts/copy-to-clipboard.ts:59
Shell command execution detected (child_process).
scripts/paste-from-clipboard.ts:54
Shell command execution detected (child_process).
scripts/vendor/baoyu-chrome-cdp/src/index.test.ts:89
Shell command execution detected (child_process).
scripts/vendor/baoyu-chrome-cdp/src/index.ts:220
Shell command execution detected (child_process).
scripts/weibo-utils.ts:45
Shell command execution detected (child_process).
scripts/vendor/baoyu-chrome-cdp/src/index.ts:97
Environment variable access combined with network send.
scripts/vendor/baoyu-chrome-cdp/src/index.ts:202
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latestvk977vysa8gbxhbevaz9j4rf2r983j7zd
Runtime requirements
Any bin: bun, npx
