The skill is mainly a WeChat draft publishing tool, but it handles credentials, local files, uploads, draft deletion, and unvalidated remote image fetching with incomplete disclosure and guardrails.
Review before installing. Use a dedicated WeChat account or limited credentials, avoid the plaintext config command unless file permissions are locked down, supply explicit local cover images instead of letting it fetch a default remote image, and do not pass internal/private URLs as image or cover inputs. Install in a virtual environment and treat any saved draft, uploaded image, and article content as data sent to WeChat.