tencent-cloud-article-publisher
v1.0.0将文章自动发布到腾讯云开发者社区 (https://cloud.tencent.com/developer)。需要提供:标题、正文(Markdown 或纯文本)、Cookie 认证信息。支持直接发布(addArticle API),无需打开浏览器。
⭐ 0· 27·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (publish articles to 腾讯云开发者社区) align with the included script and SKILL.md: both show calling the documented addArticle API and require a browser Cookie to authenticate. No unrelated services, credentials, or tools are requested.
Instruction Scope
SKILL.md and publish_tencent.py stay within the publishing task: converting Markdown to HTML, building a payload, and POSTing to the documented API. The instructions ask the user to obtain Cookie values from browser DevTools and provide them at runtime — this is necessary for the stated purpose. The instructions do not direct reading other system files or exfiltrating data to third-party endpoints.
Install Mechanism
There is no formal install spec (instruction-only), but an included install.sh copies SKILL.md and the publish_tencent.py into the user's home (~/.openclaw). The script itself is simple and readable. Note: running install.sh will write files into ~/.openclaw — this is expected but the user should verify contents before running.
Credentials
The skill requests no environment variables or external credentials in metadata. Authentication is handled by a browser Cookie supplied at runtime, which is proportionate to the task. The package claims cookies are only kept in memory and not written to disk; the code provided does not persist the cookie file.
Persistence & Privilege
The skill is not marked always:true, does not modify other skills or system-wide settings, and does not request persistent elevated privileges. The only side-effect of installation (if install.sh is run) is copying files into ~/.openclaw which is limited scope.
Assessment
This package appears internally consistent, but you should still be cautious because it requires your cloud.tencent.com login cookies. Before installing or running any scripts: (1) review publish_tencent.py and SKILL.md yourself (they are short and readable); (2) avoid pasting cookies into public channels — use a secure/private channel; (3) prefer using a throwaway or dedicated account if possible and revoke the session/cookie after use; (4) be aware that although the script claims to keep cookies only in memory, your agent's conversation history or logs might capture them — do not share cookies in chat logs you want to retain; (5) if you run install.sh, note it will copy files into ~/.openclaw/ and ~/.openclaw/workspace/; run it only if you trust the package contents.Like a lobster shell, security has layers — review code before you run it.
latestvk97eym1cd2yj4c5js1p4fbydxs847x7g
License
MIT-0
Free to use, modify, and redistribute. No attribution required.