Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openqq

QQ bot integration for OpenClaw with session isolation, logging, and AI auto-reply. Supports private chat and group @messages.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 472 · 1 current installs · 1 all-time installs
by Zao_hon (@Zaohon)
Security Scan

VirusTotal: Suspicious (View report)
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The code implements a QQ bot that spawns a local 'openclaw' CLI to generate replies — that is consistent with the description. However the skill metadata/requirements list no required binaries or primary credential even though runtime behavior depends on a local 'openclaw' executable and Node.js. The SKILL.md and package.json hint at using 'openclaw agent' (e.g., test-msg), but the skill did not declare the 'openclaw' CLI as a required binary. This is an incoherence that could surprise users.
Instruction Scope
SKILL.md instructs to install dependencies and run npm start and shows examples using 'openclaw agent', but does not clearly state that a functioning local OpenClaw binary must be installed and on PATH. The code spawns the 'openclaw' process and logs raw outputs; runtime will therefore run local commands and read the user's config file (~/.openclaw/workspace/open-qq-config.json). The instructions are otherwise within the bot's purpose (QQ <-> OpenClaw bridge) but are incomplete about runtime requirements and where data flows.
Install Mechanism
There is no automated install spec (instruction-only), but the package includes code files and package.json declaring npm deps (axios, ws). No external arbitrary downloads or extract steps are used. Installing requires running 'npm install' locally which will fetch packages from the npm registry — expected for a Node project. Because code files are included, installing/running will write logs and possibly create directories under /root by default; this is a local disk persistence consideration.
Credentials
Credentials are stored in a local config file (~/.openclaw/workspace/open-qq-config.json) rather than environment variables; that matches the stated design. This is proportionate for a QQ bot. Concerns: (1) default logDir in logger.js uses /root/.openclaw/... which may be incorrect for non-root users and could cause permission issues or leak file locations, (2) logging includes request/response payloads (logger.logApiCall logs response.data) and the sanitizer uses a simple regex that may not catch all secrets — logs may thus contain sensitive content unless you verify/configure sanitization and permissions.
Persistence & Privilege
The skill does not request always:true, does not declare special system-wide privileges, and does not modify other skills. It suggests systemd deployment in docs (normal for a daemon). The agent can invoke the skill (default) but the skill itself runs as a user process when you start it; there is no evidence it enables itself persistently beyond typical service installation steps you would perform.
What to consider before installing
This skill is plausibly a legitimate QQ bot, but review these points before installing:

- The runtime spawns a local 'openclaw' CLI (spawn('openclaw', ...)). Ensure you actually have a trusted OpenClaw binary on PATH; the skill metadata did not declare this binary requirement. Without it the skill will fail or may spawn something unexpected.
- The skill stores QQ credentials in ~/.openclaw/workspace/open-qq-config.json — keep file permissions tight (chmod 600) and do not commit it. The logger may record message contents and API responses; review logger.sanitizeMessage and consider stricter filtering or disabling debug logging in production.
- Several files/scripts assume /root paths (default logDir, start-qq-bot.sh cd /root/...). If you run as a non-root user, adjust paths and service files before deploying.
- The package.json relies on npm packages; 'npm install' will download dependencies from npm. Inspect the installed packages (axios, ws) versions and lockfile if you need supply-chain assurance.
- Metadata mismatches (package version vs registry version, missing declared required binaries) and small inconsistencies indicate the author may have shipped quickly — audit the code (qq-bot.js and logger.js) if you don't fully trust the source, and test in an isolated environment first.

If you decide to proceed: run it in a sandbox/container or test VM, verify the OpenClaw binary and QQ endpoints are the ones you expect, tighten config/log permissions, and run with non-root user privileges.

Like a lobster shell, security has layers — review code before you run it.

Current version: v0.0.5
latest: vk978h8r0exmnx5ej4qq3v8t2px81w4kp


SKILL.md

OpenQQ Bot

QQ bot integration for OpenClaw. Enables AI auto-reply for QQ private chats and group @mentions with session isolation and comprehensive logging.

Quick Start

```bash
# Initialize config
npm run setup

# Install dependencies
npm install

# Edit config
vim ~/.openclaw/workspace/open-qq-config.json

# Start bot
npm start
```

Configuration

Edit ~/.openclaw/workspace/open-qq-config.json:

```json
{
  "qq": {
    "appId": "YOUR_APP_ID",
    "token": "YOUR_TOKEN",
    "appSecret": "YOUR_APP_SECRET"
  }
}
```

Get credentials from QQ Open Platform.

Usage

```bash
npm start        # Start bot
npm run health   # Health check
npm run logs     # View today's logs
npm run status   # Check running status
```

Features

  • Session Isolation: Each user/group has independent conversation history
    • Private: qq-private-{user_openid}
    • Group: qq-group-{group_openid}
  • Comprehensive Logging: China timezone, log rotation, sensitive data filtering
  • Auto Reconnect: WebSocket auto-reconnect with heartbeat
  • Message Retry: Auto-retry failed messages (up to 2 times)
  • Graceful Shutdown: Clean shutdown on SIGTERM/SIGINT

Files

| File | Description |
| --- | --- |
| qq-bot.js | Main program (WebSocket + OpenClaw integration) |
| logger.js | Logging system (China timezone + rotation) |
| scripts/health-check.sh | Health check script |
| package.json | Dependencies (axios, ws) |

npm Commands

| Command | Description |
| --- | --- |
| npm start | Start bot |
| npm run health | Health check |
| npm run logs | View logs |
| npm run setup | Initialize config |
| npm run status | Check status |
| npm run clean | Clean node_modules |

Security

  • Do not commit open-qq-config.json to version control
  • Set permissions: chmod 600 ~/.openclaw/workspace/open-qq-config.json
  • Uses spawn instead of exec to prevent command injection
  • Session IDs are whitelisted (alphanumeric + hyphen only)

Troubleshooting

| Issue | Solution |
| --- | --- |
| Config not found | Run npm run setup |
| Missing credentials | Edit config file with appId/token/appSecret |
| WebSocket failed | Check Token and network |
| No reply | Test with openclaw agent --message "test" |

Changelog

See CHANGELOG.md

v0.0.3 (Latest)

  • 7 new npm commands
  • FAQ section
  • Message retry mechanism
  • Graceful shutdown

License

MIT License
