ClawHub

md2WeChat-python

v2.0.0

将 Markdown 文件转换为微信公众号兼容的内联样式 HTML,并一键发送到微信草稿箱。支持 Front Matter 元数据、表格、代码块、列表、图片自动上传等完整排版能力。

1· 402·2 current·2 all-time
by@koraihub
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and runtime instructions: scripts convert Markdown to inline-styled HTML and the wechat_client module uploads images and creates drafts via the official WeChat APIs. Required env vars (WECHAT_APPID, WECHAT_SECRET) and python3 dependency are appropriate for this functionality.
Instruction Scope
SKILL.md and scripts confine actions to reading Markdown and image files, converting/saving HTML, optionally loading a .env, and making network calls to api.weixin.qq.com. There are no instructions to read unrelated system files, other credentials, or exfiltrate data to unexpected endpoints.
Install Mechanism
No download-from-URL install steps; dependencies are standard Python packages listed in requirements.txt. The package is instruction+code only and relies on pip for dependencies (common practice).
Credentials
Only WECHAT_APPID and WECHAT_SECRET are required for upload behavior; primaryEnv is WECHAT_APPID which is sensible. The skill does not request unrelated credentials or sensitive system config paths.
Persistence & Privilege
always is false and the skill does not request to modify other skills or system-wide agent settings. It performs local read/write for previews and temporary cover generation only (to system temp dir).
Assessment
This skill appears to do exactly what it claims: convert Markdown and, if you provide WeChat credentials, upload drafts/images to the official WeChat API. Before installing: (1) review the code if you have any doubt—source is marked unknown in the registry metadata; (2) prefer using --convert-only mode first to verify outputs without supplying credentials; (3) supply WECHAT_APPID/WECHAT_SECRET only for an account you trust (or a test account), and avoid exposing production credentials; (4) install Python dependencies in a virtualenv and run in an isolated environment if possible; (5) note the tool will make outbound HTTPS requests to api.weixin.qq.com and create temp files for generated covers—ensure your environment's network and IP whitelist (WeChat IP whitelist) are configured if needed. Overall the package is internally consistent, but the registry/source provenance is limited—exercise normal caution.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ceez1v8zwfwkt9peyqb9rvn82rajz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvWECHAT_APPID, WECHAT_SECRET
Primary envWECHAT_APPID

Comments