ClawHub

wacai-zhishudashi-baidu-ranking

ReviewAudited by ClawScan on May 10, 2026.

Overview

The skill’s workflow is coherent, but it defaults to posting results to a hardcoded Enterprise WeChat webhook key that may not belong to the installing user.

Review or replace the built-in Enterprise WeChat webhook before use. The skill is not showing destructive behavior, but by default it can send the generated Baidu ranking report to a preconfigured chat destination.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ConcernHigh Confidence
ASI03: Identity and Privilege Abuse
What this means

Running the skill may post the generated report into a WeCom chat controlled by the embedded webhook owner, not necessarily the installing user.

Why it was flagged

The script embeds a live Enterprise WeChat robot webhook key and uses it as the default posting destination unless overridden.

Skill content
DEFAULT_WEBHOOK_URL = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=0e41994e-9e62-4713-ad69-fddeaaba8e9a"
Recommendation

Use your own WeCom webhook URL via the override option or environment variable, and avoid publishing live webhook keys in shared skills.

NoteHigh Confidence
ASI02: Tool Misuse and Exploitation
What this means

The agent will browse Baidu and send a message as part of the normal workflow.

Why it was flagged

The skill directs the agent to use browser automation and then run a local script to send the extracted titles. This is purpose-aligned, but users should notice the automated browsing and posting behavior.

Skill content
1. 用 `browser` 打开 `https://www.baidu.com/`。 ... 4. 用 `scripts/push_wecom.py` 发送推送。
Recommendation

Run it only when you intend to publish the report, and verify the extracted titles before sending if accuracy matters.

NoteHigh Confidence
ASI07: Insecure Inter-Agent Communication
What this means

The search-title report is transmitted to Enterprise WeChat over the network.

Why it was flagged

The script sends the report payload to an external webhook endpoint. The data appears limited to search result titles, but it still leaves the local agent environment.

Skill content
with urllib.request.urlopen(req, timeout=20) as resp:
Recommendation

Confirm the webhook recipient is appropriate, especially if you adapt the skill to send private or business-sensitive keywords.