Skill v1.0.0

ClawScan security

Windows WeChat MCP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 1:20 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (automating screenshots and keyboard/clipboard input to control a Windows WeChat window); it requests no credentials or external installs beyond ordinary Python packages.
Guidance
This skill appears to do exactly what it says: automate the WeChat desktop UI using Python GUI automation. Before installing, consider: 1) GUI automation can send keystrokes and capture screenshots, so run it only on a machine you trust and not on systems with sensitive data you don't want captured; 2) pip installs come from PyPI; review and install dependencies in a controlled/isolated environment (virtualenv); 3) if you don't want the agent to send messages without your explicit approval, disable autonomous invocation or require user confirmation before using the skill; 4) review the script yourself (it is short and local) and test with a non-production WeChat account to avoid accidental messages. If any of these are unacceptable, do not install the skill, or restrict its use.

Review Dimensions

Purpose & Capability
ok: The name/description (WeChat window monitoring and message sending) aligns with the included code: functions search_contact, send_message_to_current, send_message_to_contact, and get_wechat_status. The script uses GUI automation libraries appropriate to that goal. There are no unrelated credentials, binaries, or external services requested.
Instruction Scope
ok: SKILL.md and scripts/server.py instruct only GUI automation actions (activate window, screenshot region, copy to clipboard, paste, press Enter). The instructions do not attempt to read unrelated files, environment variables, or transmit data to external endpoints. They do require the WeChat window to be open and will activate it.
Install Mechanism
note: There is no formal install spec; SKILL.md instructs the user to pip install pyautogui, pygetwindow, pillow, pyperclip, opencv-python. This is typical and not inherently risky, but pip installs will pull code from PyPI and may have native dependencies; review the packages and install from a trusted environment.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The functionality (GUI automation) does not require secrets, so the lack of requested credentials is proportionate.
Persistence & Privilege
note: The skill is not always-enabled and doesn't modify other skills or system configs. However, because it performs keyboard/mouse automation and clipboard manipulation, allowing autonomous invocation (the platform default) would let the agent send messages or interact with the desktop without manual confirmation; this is a functional but potentially sensitive capability the user should consider.