ZeeLin Zhihu Auto-Publish (知乎自动发布)

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the wrong browser tab is attached or the page is misread, the agent could type content and click a submit/publish control on an unintended page.

Why it was flagged

When the fast path is enabled, the script uses whichever Browser Relay page is currently attached and clicks a fuzzy publish/submit match without checking the domain or confirming it is really the Zhihu article editor.

Skill content

SKIP_NAV="${ZHIHU_ALREADY_ON_EDITOR:-0}" ... echo "=== 使用当前页(已打开写文章页 / Browser Relay)===" ... grep -E '发布|发表|提交|Publish' ... $CLI click "$PUBLISH_REF"

Recommendation

Attach Browser Relay only to the correct Zhihu editor tab, keep the page visible, and prefer adding a domain/editor check or a final manual confirmation before the actual publish click.

What this means

A title containing shell metacharacters or quotes could cause command failure or unsafe shell interpretation if the agent inserts it without proper escaping.

Why it was flagged

Publishing is performed by shell exec commands that include the generated article title as a command argument; this is expected for the skill, but the instructions do not mention shell-safe escaping.

Skill content

{"tool": "exec", "args": {"command": "bash ~/.openclaw/workspace/skills/zeelin-zhihu-autopost/scripts/publish_article.sh \"文章标题\" /tmp/zhihu_body.md", "timeout": 90000}}

Recommendation

Use safe argument passing or robust shell escaping for the title, and avoid publishing titles that contain shell control characters.

What this means

After confirmation, the agent can publish content as the user on Zhihu, which may affect the user's public reputation or account.

Why it was flagged

The skill can publish using either a Zhihu OAuth token or the user's already logged-in browser session, which is necessary for the stated purpose but grants authority over the user's account.

Skill content

If the environment variable `ZHIHU_ACCESS_TOKEN` is set, use `scripts/publish_via_api.sh` ... the user must first be logged in to Zhihu ... only operate on the write-article page while in the logged-in state

Recommendation

Review the full article before confirming, use the least-privileged/short-lived token available, and do not attach or authorize accounts you do not want the agent to post from.

What this means

Users may not realize they need to install and trust a browser-control extension and local tools before the skill can publish through the browser.

Why it was flagged

The skill depends on a browser extension and local command tooling even though the registry requirements list no required binaries or install spec. This is purpose-aligned but under-declared.

Skill content

Install OpenClaw Browser Relay: Chrome extension ... `openclaw browser extension install`

Recommendation

Verify the Browser Relay extension source, understand which tab is controlled, and ensure required local tools are installed before using the skill.