Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

wx-mp-write

v1.0.0

End-to-end writing assistant for WeChat Official Account articles. Supports trending-topic selection, article drafting, AI de-flavoring polish (removing the machine-generated feel), image suggestions, and one-click publishing to the Official Account draft box. Suited to tech bloggers, self-media creators, and corporate Official Account operators. Use this skill when the user needs to write an Official Account article, polish content, find images, or publish to WeChat.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The described purpose (WeChat article writing, polishing, image suggestions, publishing) is reasonable, but the SKILL.md explicitly depends on the tavily-search skill and wx-mp-push for publishing. The registry metadata lists no dependencies or required env vars, so the manifest does not match the actual capabilities the skill intends to use.
Instruction Scope (flagged)
Runtime instructions tell the agent to use tavily-search for web searches and to call wx-mp-push to publish. They also state a precondition that TAVILY_API_KEY must be configured or present in ~/.openclaw/.env. That instructs the agent to read a user config file for secrets and to call other skills — behavior not reflected in metadata and worth flagging for scope creep and possible unexpected file access.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code — lower disk/write risk. There are no downloads or install scripts to evaluate.
Credentials (flagged)
The SKILL.md requires the environment variable TAVILY_API_KEY (and suggests it may be stored in ~/.openclaw/.env), but the skill manifest lists no required env vars or primary credential. Also, publishing via wx-mp-push likely requires separate WeChat credentials which are not declared. Requesting access to a config file that may hold multiple secrets is disproportionate without explicit declaration.
Persistence & Privilege
The skill does not request always: true and has no install actions that modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not combined with other high privileges here.
What to consider before installing
Before installing or using this skill:
1) Ask the publisher to update the manifest to explicitly declare required env vars (TAVILY_API_KEY) and any other credentials (e.g., for wx-mp-push/WeChat).
2) Confirm whether the skill will read ~/.openclaw/.env or other files and ensure that file doesn't contain unrelated secrets.
3) Verify the trustworthiness of the tavily-search and wx-mp-push skills the instructions call, since they will handle web searches and publishing.
4) If you must use it, run it in a restricted environment or with only the minimum credentials required (avoid placing other tokens in the same .env).
5) Treat the mismatch between SKILL.md and metadata as a red flag — lack of declared dependencies/credentials may be an oversight or indicate sloppy/unsafe design; prefer skills whose manifests match their runtime requirements.
