Wechat Article Search - 微信公众号文章搜索

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to be a straightforward WeChat article search scraper, with expected network and dependency risks that users should understand before use.

This looks safe to install for its stated purpose, but remember it is a web-scraping search tool: your keywords are sent to external sites, optional content fetching makes additional requests, and dependency installation should be done in a trusted Python environment.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

Search terms and optional article fetches may be visible to the external search/article sites and may trigger site anti-scraping controls.

Why it was flagged

The script sends the user's search query to Sogou Weixin and performs HTTP requests, which is expected for this search/scraping skill but means searches are shared with an external site.

Skill content

SEARCH_URL = "https://weixin.sogou.com/weixin" ... params = {"type": "2", "query": query} ... requests.get(url, params=params, headers=headers, timeout=timeout, allow_redirects=allow_redirects)

Recommendation

Use it only for queries you are comfortable sending to Sogou/WeChat, avoid high-frequency scraping, and follow the target sites' terms and robots rules.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Installing unpinned packages may produce different dependency versions over time.

Why it was flagged

The dependency installation is disclosed and expected, but the packages are not version-pinned in the instruction.

Skill content

pip install requests beautifulsoup4

Recommendation

If you need reproducibility or stricter supply-chain control, install known-good pinned versions of requests and beautifulsoup4 in a controlled Python environment.