ClawHub

weixin-send

v1.2.0

主动向微信 ClawBot 用户推送文本消息。作为 openclaw-weixin 插件 message 工具的兜底方案,仅在其不可用时使用。

0· 217·0 current·0 all-time
byLuhui WANG@luhuiwang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description say it will proactively push text messages to WeChat as a fallback. The code and SKILL.md only require python3 and read local OpenClaw weixin account files (~/.openclaw/openclaw-weixin/accounts/). Using those tokens to call ilinkai.weixin.qq.com is consistent with the stated goal. No unrelated credentials, binaries, or services are requested.
Instruction Scope
Runtime instructions explicitly call send.py to list accounts and send messages, reference only the local account and context-token files, and target only the WeChat ilink API. They do not instruct reading other system files, other skills' configs, or sending data to unrelated external endpoints. The SKILL.md does note that this bypasses the OpenClaw channel framework and session logging (privacy implication), which matches the code behavior.
Install Mechanism
There is no install spec; the skill is instruction-only with a small included Python script. No external downloads, package installs, or extracted archives are performed. Risk from install mechanism is low.
Credentials
The skill does not request environment variables or remote secrets. It reads locally-stored account tokens and context tokens under the user's home directory (~/.openclaw/openclaw-weixin/accounts/), which is proportionate to sending messages. Users should be aware that access to those files is required for operation.
Persistence & Privilege
The skill is not forced-always (always:false). It allows autonomous invocation (platform default). A noteworthy privacy/operational point: because it deliberately bypasses the OpenClaw channel framework and does not trigger session logs, an agent (or script) invoking this skill can send messages without creating the usual channel/session audit trail. This is coherent with the stated purpose but has operational/privacy implications you should consider.
Assessment
This skill appears internally consistent and does what it claims: it reads your local OpenClaw weixin account files and uses those tokens to POST text messages to the WeChat ilink API. Before installing or enabling it, consider: (1) Ensure the account/token files under ~/.openclaw/openclaw-weixin/accounts/ are stored securely and you trust any agent that can run skills, because the skill will use those tokens to send messages. (2) Be aware it bypasses the OpenClaw channel framework and session logging — messages sent via this skill may not appear in usual audit logs. (3) If you want stricter control, restrict which agents/users can exec skills or run this script, and review the local account JSON files to confirm no unexpected tokens or endpoints are present. (4) If you need file/media sending or logging/auditing, prefer the official openclaw-weixin message tool instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk9794q33vb1r60nrtrvc4ehswh83ngmn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

Comments