WeRead Book Finder
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: weread-book-finder Version: 1.0.1 The skill bundle is a legitimate automation tool for finding and acquiring books from WeChat Reading and Z-Library. The Python script `scripts/find_book.py` uses Playwright to simulate user searches, manage login sessions via persistent browser profiles, and handle file downloads to a local directory (~/Downloads/OpenClaw-Books). The code logic is transparent, matches the documentation in `SKILL.md`, and contains no evidence of data exfiltration, malicious execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The script can act as your logged-in browser session to add a book to WeRead or use Z-Library.
The skill intentionally stores and reuses logged-in browser sessions for WeRead and Z-Library. This is purpose-aligned, but it gives the automation account-level access in those sessions.
由于微信读书和 Z-Library 需要登录,建议固定使用 profile 目录,避免重复登录...后续运行脚本时,会自动复用已登录的浏览器会话。
Use a dedicated browser profile for this skill, avoid sharing the profile directory, and clear or log out of the profile when you no longer need it.
After you provide a title, the skill may change your WeRead shelf or download an ebook without a separate confirmation step.
The default behavior automatically chains browser actions across two services and downloads a file when the first service does not produce a usable result. This matches the skill purpose but should be visible to the user.
默认模式:直接运行脚本,脚本会自动尝试微信读书。若微信读书找不到,脚本会无缝切换至 Z-Library 搜索并下载。
Run it only for books you intentionally request, review the printed candidates when matches are ambiguous, and inspect downloaded files before opening them.
You need to install and trust the local Python packages and Playwright browser runtime before using the skill.
The skill relies on manually installed, unpinned Python/browser dependencies, while the registry shows no install spec. This is common for an instruction-style skill but leaves dependency installation to the user.
环境依赖:- `python3` - `playwright` (安装 Chromium:`playwright install chromium`) - `requests` - `beautifulsoup4`
Install dependencies from trusted package sources, consider pinning versions in your environment, and keep Playwright/Chromium updated.