Wechat Mp Publisher 1.0.0
v1.0.1
Publish articles to WeChat Official Accounts via API using configured AppID, AppSecret, and IP whitelist with access token management.
⭐ 2· 401·4 current·4 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name/description (WeChat Official Account publisher) matches the contained code: index.js calls api.weixin.qq.com and implements token, draft, and publish flows. However the registry metadata declares no required environment variables or primary credential, while both SKILL.md and index.js clearly require WECHAT_APPID and WECHAT_APPSECRET. This mismatch between what the skill claims to require and what it actually needs is an incoherence that should be addressed.
Instruction Scope
SKILL.md gives concrete instructions to create a .env with WECHAT_APPID/WECHAT_APPSECRET, run npm install, and run node index.js token|publish. The runtime instructions and code stay within the expected scope (they read local files, convert markdown to HTML, upload images, and call official WeChat endpoints). Note: the README also instructs creating a directory under the user's .openclaw skills path and saving secrets in .env — the guidance to keep secrets out of repos is appropriate.
Install Mechanism
No custom install spec in the registry; it's instruction-only. Dependencies are standard npm packages (axios, dotenv, form-data) referenced in package.json/package-lock.json from the npm registry. No downloads from arbitrary URLs or extract-from-remote archives are present in the bundle.
Credentials
The code requires sensitive credentials (WECHAT_APPID and WECHAT_APPSECRET) and reads a local .env, but the skill metadata does not declare any required env vars or a primary credential. That omission reduces transparency and could lead users to unknowingly provide secrets. Aside from those two secrets, no other unrelated credentials are requested.
Persistence & Privilege
The skill is not marked always:true and does not attempt to change other skills' configurations. It reads/writes files only in its own directory (e.g., output.html, reading article files, optionally uploading provided cover images). Autonomous invocation is allowed (the platform default) but is not combined here with other high-risk traits.
What to consider before installing
This package appears to implement exactly what it claims (WeChat article publish) and contains no obvious exfiltration or strange remote endpoints — but the registry metadata fails to declare the required credentials. Before installing, verify the skill's source/owner (it's listed as 'unknown' / an opaque owner ID), and do the following:
1) Inspect index.js yourself (it’s included) to confirm there are no hidden network calls — the current code only calls WeChat APIs.
2) Only provide WECHAT_APPID and WECHAT_APPSECRET in a local .env and never commit that file to a repo.
3) Consider running the skill in an isolated environment (container or VM) and audit npm dependencies (npm audit) before npm install.
4) Ask the publisher to correct the registry metadata to declare the required env vars and primary credential so the skill listing matches its actual needs.
If you cannot confirm the publisher identity, treat the package as untrusted and avoid providing live AppSecret values until you validate it.
Like a lobster shell, security has layers — review code before you run it.
