Weibo Search User Published Posts API
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: justoneapi-weibo-search-profile Version: 1.0.0 The skill is a standard API wrapper for searching Weibo posts via JustOneAPI. The implementation in `bin/run.mjs` is a straightforward Node.js script that uses the built-in fetch API to communicate exclusively with `api.justoneapi.com`. It includes proper input handling such as URL encoding for parameters and does not exhibit any signs of data exfiltration, command injection, or malicious prompt instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is exposed, someone else may be able to use your JustOneAPI account or quota.
The default invocation expands the JustOneAPI credential into a command-line argument, which can be visible to local process monitors, shell wrappers, or command logging on some systems.
node {baseDir}/bin/run.mjs --operation "searchProfileV1" --token "$JUST_ONE_API_TOKEN" --params-json '{"uid":"<uid>","q":"<q>"}'Use only in a trusted environment, prefer a version that reads JUST_ONE_API_TOKEN directly from the environment or a secret manager instead of argv, and rotate the token if it may have been exposed.