OpenClaw WeChat Setup

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to be a straightforward WeChat setup guide, but it relies on running an unpinned external npm installer and authorizing a WeChat account.

Install this only if you intend to connect WeChat to OpenClaw. Run the installer in a trusted terminal, verify the npm package/source if possible, scan only with the intended WeChat account, and consider enabling per-account context isolation for multiple accounts.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The installer could change behavior over time as the npm package updates.

Why it was flagged

The setup depends on downloading and running the latest external npm CLI. This is central to the skill purpose, but the package code and exact version are not included in the provided artifacts.

Skill content

npx -y @tencent-weixin/openclaw-weixin-cli@latest install

Recommendation

Run it only if you trust the package source; prefer official documentation or a pinned version when possible.

ASI02: Tool Misuse and Exploitation
Low
What this means

Running the command can alter OpenClaw configuration and activate a new messaging channel.

Why it was flagged

The documented installer mutates the local OpenClaw environment and starts an authorization flow. These actions are disclosed and aligned with setup, but they are still impactful local changes.

Skill content

Download and install the `@tencent-weixin/openclaw-weixin` plugin ... Enable the plugin in OpenClaw config ... Start the WeChat QR code login flow

Recommendation

Confirm the target OpenClaw installation before running the command and review the resulting channel/plugin status afterward.

ASI03: Identity and Privilege Abuse
Low
What this means

The connected WeChat account can become a messaging channel for OpenClaw.

Why it was flagged

The skill requires the user to authorize a WeChat account for use as an OpenClaw channel. This is expected for the integration and requires user scanning.

Skill content

The user must scan it with their WeChat mobile app to authorize the connection.

Recommendation

Scan only with the intended WeChat account and remove or re-authenticate accounts if you no longer want them connected.

ASI06: Memory and Context Poisoning
Low
What this means

If multiple WeChat accounts are linked, conversation context handling may affect privacy between accounts.

Why it was flagged

The skill acknowledges conversation-context isolation for multiple WeChat accounts. This is disclosed and optional, but users should be aware of the context boundary setting.

Skill content

To isolate conversation context per WeChat account: `openclaw config set agents.mode per-channel-per-peer`

Recommendation

Enable per-channel-per-peer mode when using multiple accounts or when conversations should remain separated.