Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
微信公众号发布工具
v0.1.0Automate publishing WeChat Official Account articles with media upload, draft management, and publish status querying via WeChat MP API.
⭐ 0· 215·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The described purpose (WeChat MP publishing) legitimately requires an app_id and app_secret and access to local media files and a token cache; the SKILL.md documents these. However the skill metadata lists no required env vars, no primary credential, and no required config paths — that's inconsistent and unexpected.
Instruction Scope
SKILL.md instructs the agent to read local files for uploads, create/read a config file at ~/.openclaw/config/wechat-mp.json and a token cache at ~/.openclaw/.wechat_mp_token.json, and to run npm install/build in a user workspace path (example uses an absolute path). Reading/writing those files is expected for this functionality, but the instructions give broad local filesystem access and reference a hard-coded example path, which is sloppy and may lead to accidental use of the wrong directory.
Install Mechanism
The skill is instruction-only (no install spec and no code files in the registry), yet the README instructs running npm install and npm run build. That means users will need to obtain the project code (not provided here) and run package installation locally — acceptable for an integration but risky if the source is unknown. No external download URLs are present in the SKILL.md.
Credentials
The runtime docs require sensitive credentials (app_id and app_secret) and allow environment variable configuration (WECHAT_MP_APP_ID / WECHAT_MP_APP_SECRET), but the skill metadata declares none. The absence of declared required credentials is a material omission: the skill will need secrets to operate but does not advertise them to the platform or user.
Persistence & Privilege
The skill does not request always:true and does not claim other elevated privileges. It instructs creating config and token-cache files under ~/.openclaw, which is reasonable for a persistent integration but does write to the agent's config area — verify that path before proceeding. No evidence of modifying other skills or system-wide settings.
What to consider before installing
This skill's documentation expects your WeChat app_id/app_secret and reads/writes files under ~/.openclaw, but the registry metadata omits those requirements and no source/homepage is provided. Before installing or running: (1) Do not provide app_secret to unknown code — verify the author's identity and inspect the project source (package.json, src/) yourself. (2) Confirm where the token cache/config will be written and whether that overlaps sensitive data. (3) If you must run npm install, obtain the code from a trusted repository (not just a copy pasted SKILL.md) and review dependencies. (4) Ask the publisher to update registry metadata to declare required env vars/config paths and to provide a source URL or homepage. If you cannot verify the source and contents, treat this skill as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk97afgdp333j2fj17f8qbwax9982r6m1mpvk97afgdp333j2fj17f8qbwax9982r6m1publishvk97afgdp333j2fj17f8qbwax9982r6m1wechatvk97afgdp333j2fj17f8qbwax9982r6m1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.