WeChat Official Account Toolkit (微信公众号工具包)
Warn
Audited by ClawScan on May 18, 2026.
Overview
This skill mostly matches its WeChat publishing purpose, but it under-declares WeChat account credentials and includes high-impact posting/deletion and provenance-masking workflows that users should review carefully.
Install only if you intend to give the agent access to a WeChat Official Account. Review the npm/bootstrap code, configure credentials only when needed, require explicit approval before publishing or deleting anything, and avoid using the rewrite workflow to disguise copied or AI-generated content without proper rights and disclosure.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured, the agent can use your WeChat Official Account credentials to create, publish, list, or delete account content.
The code uses WeChat Official Account credentials, while the supplied registry metadata says there are no required env vars and no primary credential. Those credentials enable account-level API actions.
const appId = options.appId ?? process.env.WECHAT_APP_ID;
const appSecret = options.appSecret ?? process.env.WECHAT_APP_SECRET;
Only configure credentials for an account you control, prefer least-privilege/rotatable credentials, and require explicit confirmation before any account-mutating action.
A mistaken or over-broad agent action could remove drafts, publish content, or delete public WeChat articles.
The documented tool surface includes deleting drafts, formally publishing drafts, and deleting already-published articles; these are high-impact account mutations and the artifacts do not show a dedicated approval gate.
node scripts/publisher/manage_draft.js delete MEDIA_ID
node scripts/publisher/manage_draft.js publish MEDIA_ID --wait
node scripts/publisher/manage_draft.js published-delete ARTICLE_ID --index 0
Add explicit per-command user confirmation, dry-run/list-only defaults, and clear warnings before publish or delete operations.
Public-facing articles may be presented as more original or human-written than they are, creating copyright, disclosure, or trust issues.
The rewrite workflow explicitly encourages reducing duplication checks and hiding AI-like writing style before publication, which can mislead readers or downstream reviewers about provenance.
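"降低查重率" (lower the duplicate-check rate) / "去掉 AI 味" (remove the AI flavor) ... "读起来像真人写的" (reads as if written by a real person) ... "结构与原文明显不同" (structure clearly different from the original)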
Use the rewrite feature only with rights-cleared source material and disclose AI assistance or source attribution where required.
Installing the skill may run npm package lifecycle code and local bootstrap logic on your machine.
The setup relies on npm/global package installation and a bootstrap script. This is expected for a Node-based toolkit, but it executes third-party/local package code during setup.
npm install -g cheerio
cd {baseDir}/scripts/downloader && npm install
node {baseDir}/scripts/bootstrap/install_wenyan.js
Review package files, prefer lockfiles/pinned versions, and install in a controlled environment.
If remote mode is used, article content and publication actions may be handled by a server outside the local machine.
The embedded wenyan CLI supports remote server mode where publication requests can be sent to a user-specified server with an API key. This is documented and purpose-aligned for IP whitelist handling, but it changes the data boundary.
wenyan publish -f article.md --server https://api.example.com --api-key your-api-key
Use only servers you operate or trust, use HTTPS, protect the API key, and understand what content and credentials reside on the server.
