Skill v2.0.0
ClawScan security
md2WeChat-python · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 5:06 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested credentials are coherent with its stated purpose (convert Markdown to WeChat-compatible HTML and optionally upload to a WeChat draft); nothing in the package indicates unexplained or disproportionate access.
- Guidance: This skill appears to do exactly what it claims: convert Markdown and, if you provide WeChat credentials, upload drafts/images to the official WeChat API. Before installing: (1) review the code if you have any doubt—source is marked unknown in the registry metadata; (2) prefer using --convert-only mode first to verify outputs without supplying credentials; (3) supply WECHAT_APPID/WECHAT_SECRET only for an account you trust (or a test account), and avoid exposing production credentials; (4) install Python dependencies in a virtualenv and run in an isolated environment if possible; (5) note the tool will make outbound HTTPS requests to api.weixin.qq.com and create temp files for generated covers—ensure your environment's network and IP whitelist (WeChat IP whitelist) are configured if needed. Overall the package is internally consistent, but the registry/source provenance is limited—exercise normal caution.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code and runtime instructions: scripts convert Markdown to inline-styled HTML and the wechat_client module uploads images and creates drafts via the official WeChat APIs. Required env vars (WECHAT_APPID, WECHAT_SECRET) and python3 dependency are appropriate for this functionality.
- Instruction Scope (ok): SKILL.md and scripts confine actions to reading Markdown and image files, converting/saving HTML, optionally loading a .env, and making network calls to api.weixin.qq.com. There are no instructions to read unrelated system files, other credentials, or exfiltrate data to unexpected endpoints.
- Install Mechanism (ok): No download-from-URL install steps; dependencies are standard Python packages listed in requirements.txt. The package is instruction+code only and relies on pip for dependencies (common practice).
- Credentials (ok): Only WECHAT_APPID and WECHAT_SECRET are required for upload behavior; primaryEnv is WECHAT_APPID which is sensible. The skill does not request unrelated credentials or sensitive system config paths.
- Persistence & Privilege (ok): always is false and the skill does not request to modify other skills or system-wide agent settings. It performs local read/write for previews and temporary cover generation only (to system temp dir).
