wechat-reply-ai

This skill appears to do what it says (local Windows WeChat automation) but carries several practical risks you should consider before installing or running it from an unknown source: - Sensitive local access: it captures screenshots, reads and writes the clipboard, launches the WeChat executable, and writes log/state/image files to disk. These are necessary for GUI automation but can expose local data. - Persistent hidden daemon: you can start a background process (hidden) that listens on localhost and writes a state file with a token; this increases the persistent footprint and local attack surface. Inspect the state file location and contents before trusting it. - Hard-coded file paths: the code writes screenshots to an absolute path (e.g., D:\Backup\Documents\Playground\wechat_screen.png) — this is surprising and may overwrite files or fail on systems without that path. - Unknown provenance: no homepage/source repository is provided. Prefer code from a vetted author or run inside a disposable VM or sandbox. - Dependencies: the scripts require native Windows packages (uiautomation, pywinauto, pywin32, Pillow, rapidocr-onnxruntime). Some packages may download models or binaries; install these deliberately and inspect install steps. Practical next steps: 1) Review the complete scripts locally (you already have them) and search for any network calls, remote URLs, or obfuscation. The provided code appears local-only but double-check the truncated parts before running. 2) Run only after verifying file paths and changing hard-coded output paths to safe locations. 3) If you must run the daemon, inspect the generated wechat_assistant_state.json and ensure the token file is protected. Consider firewall/local policy controls to restrict access to the RPC port. 4) Prefer running in an isolated Windows VM or test account, and avoid running as administrator. If you are not comfortable inspecting or sandboxing, do not install from this unknown source.