WeChat Official Account Reader (微信公众号阅读器)
Security checks across malware telemetry and agentic risk
Overview
This is mostly a web article extractor, but it includes broader and stealth scraping helpers with uneven URL safety checks that users should review before installing.
Prefer the main extract.py path for public WeChat article links only. Avoid the generic, Notion, Google, and stealth helpers unless you understand the broader scraping and URL-safety implications. Pin dependencies before installing, and delete any debug screenshots or HTML files created during use.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent uses this helper on a crafted or mistaken URL, it could make the user's machine request internal or unintended network addresses and include returned page content in output.
This helper takes a command-line URL and sends the browser to it directly. Unlike extract.py, it does not apply the advertised SSRF URL validation before navigation.
url = sys.argv[1] ... page.goto(url, wait_until='networkidle', timeout=30000)
Reuse one shared URL validator in every script, block private/link-local/IPv6 internal addresses, and require explicit user approval for any non-WeChat or generic URL extraction.
Using this mode may violate website terms, trigger blocking, or expose the user to less isolated browser behavior.
The included stealth extractor is explicitly designed to bypass anti-crawling detection and launches Chromium with security-reducing flags, which is broader than normal WeChat article extraction.
Attempts to bypass anti-crawling detection on platforms such as Zhihu ... '--disable-blink-features=AutomationControlled', '--disable-web-security'
Remove or isolate stealth mode, avoid disabling browser security features by default, and require clear user consent before any anti-bot or non-WeChat scraping workflow.
The skill may behave differently over time or inherit a compromised/broken dependency version.
The dependency list is unpinned, so future installs may fetch different package versions from the package index.
playwright playwright-stealth beautifulsoup4 dnspython
Pin dependency versions, consider hashes or a lockfile, and install from trusted package indexes.
If used on private or sensitive pages, local copies of that content may remain in /tmp or the workspace after the task.
The debug helper saves a full-page screenshot and HTML of the fetched page to local files.
page.screenshot(path=screenshot_path, full_page=True) ... f.write(html)
Use debug helpers only for public pages, make file saving explicitly opt-in, and delete generated screenshots/HTML after use.
