Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
wxgzh
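v0.1.4
WeChat Official Account article publishing tool. Uses the wxgzh CLI to publish Markdown articles to the Official Account draft box. Trigger scenarios: the user wants to publish an Official Account article, configure the Official Account AppID/AppSecret, generate a cover image, or convert Markdown to HTML.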
⭐ 1· 280·1 current·1 all-time
by 一个有毅力的吃货 @lyhue1991
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md describes installing and using the @lyhue1991/wxgzh CLI to convert Markdown and publish drafts to a WeChat Official Account. Requested inputs (AppID/AppSecret) and referenced paths (~/.config/wxgzh and .wxgzh/) are coherent with a publishing tool.
Instruction Scope
The runtime instructions tell the agent to run shell checks and commands (command -v, npm install -g, wxgzh commands) and to access an external IP-check site (https://ip.sb). These actions are within the scope of installing/using a CLI, but they do grant the agent the ability to install software and write config files in the user's home directory; the instructions do not ask for unrelated files or credentials beyond the AppID/AppSecret.
Install Mechanism
There is no formal install spec in metadata (instruction-only), but SKILL.md tells the agent to run npm install -g @lyhue1991/wxgzh. Installing a global npm package from the public registry is expected for a CLI, but it is a persistence action and carries the usual npm-package risks (review upstream package before installing).
Credentials
The skill does not declare or require unrelated environment variables. It legitimately needs WeChat AppID/AppSecret (provided via wxgzh config command and stored in ~/.config/wxgzh/wxgzh.json). Asking the user to add their public IP to the WeChat whitelist is consistent with WeChat API usage.
Persistence & Privilege
The skill itself is not always-enabled and does not request elevated platform privileges, but its instructions will persist state by installing a global npm package and writing configuration to ~/.config/wxgzh and .wxgzh/. These are normal for a CLI but worth noting because they change the host environment.
Assessment
This skill is a set of instructions for installing and using the @lyhue1991/wxgzh CLI to publish WeChat articles. Before installing: (1) review the npm package (@lyhue1991/wxgzh) on npm/GitHub to ensure you trust its source and code; npm install -g will install files globally and persist on your system; (2) do not paste your AppSecret into untrusted places — the CLI will store AppID/AppSecret in ~/.config/wxgzh/wxgzh.json, so inspect that file and its permissions; (3) the instructions query https://ip.sb to get your public IP and ask you to add it to the WeChat IP whitelist — be aware this leaks your public IP to that service; (4) prefer to run the npm install step yourself rather than allowing an automated agent to install packages without confirmation; and (5) if you have concerns, run the CLI in an isolated environment (container/VM) and rotate AppSecret if you suspect it was exposed.
Like a lobster shell, security has layers — review code before you run it.
latest vk975vcdvbmxn7ycs53jcxkj9w982myvy
