Aws Wechat Article Publish
v1.0.0将文章发布到微信公众号(API 写入草稿箱或提交发布),含发布前检查。当用户提到「发布」「提交」「群发」「推送」「发出去」「上传到公众号」「发到公众号」「可以发了吗」「发布前检查」时使用。
⭐ 0· 67·0 current·0 all-time
by@bbd145
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill name/description match the included Python scripts which call the WeChat API and manipulate article files; however the registry metadata declares no required environment variables or primary credential while the code and SKILL.md clearly expect a repository-level aws.env with WECHAT_<N>_APPID and WECHAT_<N>_APPSECRET and a .aws-article/config.yaml. This mismatch (claimed no env vars vs. actual required secrets) is an incoherence.
Instruction Scope
SKILL.md instructs the agent to run the included scripts from the repo root and to read/write repo files (article.yaml, article.html, cover images, .aws-article/config.yaml, aws.env). That scope is consistent with publishing to WeChat. Minor scope creep: article_init reads a possible per-user file in the home dir (~/.aws-article/article.example.yaml), so the code may access a user home config beyond the repo.
Install Mechanism
This is an instruction-only skill with bundled scripts and no install spec or external downloads. No network-install URLs or archive extracts are present. It does rely on Python and optional packages (PyYAML, Pillow) which the SKILL.md/scripts mention but does not provide an automated installer.
Credentials
The code requires WeChat credentials (WECHAT_N_APPID and WECHAT_N_APPSECRET in aws.env) and reads .aws-article/config.yaml, but the skill metadata lists no required env vars or primary credential. The skill.json also requests filesystem, network, and shell permissions — filesystem/network are expected for this task, but the absence of declared required credentials is a proportionality/information gap the user should be aware of.
Persistence & Privilege
The skill does not request always: true and is user-invocable only. It writes back to article.yaml within the repo to mark publish_completed (expected behavior). It does not request elevated platform-wide privileges.
What to consider before installing
This skill appears to be a real WeChat publishing helper, but exercise caution: 1) It expects a repository-level aws.env file containing WECHAT_1_APPID / WECHAT_1_APPSECRET (and optionally WECHAT_N_API_BASE) even though the registry metadata doesn't declare these — do NOT put real credentials into repos you don't control. 2) The scripts read and write repo files (article.yaml, article.html, cover images) and may read a user home config (~/.aws-article/...). Review the code (already included) and confirm it only calls official WeChat endpoints (api.weixin.qq.com) before running. 3) Run it in an isolated workspace (or with dummy credentials) to test; install required Python packages (PyYAML, optionally Pillow) manually. 4) If you do not want automatic network publishing, set config.yaml publish_method to 'none' or avoid running the --publish option. 5) If you need higher assurance, ask the author to update registry metadata to declare required env vars and expected file paths so permission/credential needs are explicit.Like a lobster shell, security has layers — review code before you run it.
latest
发布
通过微信公众号 API 将排版稿写入草稿箱或再提交发布(由 config.yaml 的 publish_method 与命令行 --publish 控制)。
配置检查 ⛔
任何操作执行前,必须按 首次引导 执行其中的 「检测顺序」。检测通过后才能进行以下操作(或用户明确书面确认「本次不检查」):
脚本目录
Agent 执行:本 skill 的 {baseDir} 为 skills/aws-wechat-article-publish/。发布子命令在 {baseDir}/scripts/publish.py(仓库根执行)。
| 脚本 / 子命令 | 用途 |
|---|---|
article_init.py | 初始化或更新本篇 article.yaml(及可选 closing.md)。用于总览 本篇准备(建目录后)或 发布前 补全元数据。仓库根执行:python {baseDir}/scripts/article_init.py <文章目录> [--title … --author … --digest …] |
getdraft.py | 独立于 publish.py:用于正式文章查询(published-list / published-fields / publish-get / article-get,对应 freepublish/*),可用于 embeds.related_articles.manual 为空时自动补全推荐链接。注意:freepublish/* 需要公众号具备对应接口权限。仓库根:python {baseDir}/scripts/getdraft.py published-fields |
check-screening | 校验 config.yaml 的 publish_method(draft / published / none) |
check-wechat-env | 按 config.yaml 槽位检查 aws.env 的 WECHAT_N_APPID / WECHAT_N_APPSECRET 是否已填(调用 publish.py 前建议跑) |
check | 环境检查:aws.env、各槽位、依赖、可选探测 token |
accounts | 列出 config.yaml 中各微信槽位名称,并标记 aws.env 凭证缺项 |
full / token / … | 调微信 API(需 aws.env 微信凭证) |
凭证与 publish_method ⛔
publish_method(以仓库 config.yaml 为准)
| 值 | 含义 | 行为 |
|---|---|---|
draft(默认) | 只进公众号草稿箱 | full 创建草稿后不调用 freepublish 提交发布。 |
published | 草稿 + 提交发布 | full 创建草稿后继续提交发布(异步)。full --publish 可单次强制带发布,即使当前为 draft。 |
none | 用户明确不填微信 | full 立即退出,不调任何微信接口(--publish 也会被忽略)。其它子命令(token 等)仍要凭证。 |
多账号时如何选槽位
- 运行
python {baseDir}/scripts/publish.py accounts,从config.yaml的wechat_accounts+wechat_N_name向用户展示列表(例如:您有2个账号:1."xiaoming",2."xiaoz")必须询问用户选择哪个账号发布到草稿箱,然后根据用户选择发布到指定的账号。 - 在
config.yaml写wechat_publish_slot: <整数>,或命令行--account <序号或名称>(CLI 优先,见 articlescreening-schema.md)。
全局环境
在仓库根具备 aws.env(微信密钥)与 config.yaml(微信槽位数量与名称)。写作/生图见 validate_env.py(微信未齐仍可先做内容)。publish_method: none 时 full 会跳过;draft/published 发布前建议 check-wechat-env。API 端点优先取 WECHAT_N_API_BASE,若槽位未配则回退 config.yaml.wechat_api_base(两者都空时使用官方)。
作者名回退
full / create-draft 若 article.yaml 无 author,回退 config.yaml 的 default_author。
publish_completed(本篇是否已发布完成)
- 字段在本篇
article.yaml。publish.py不读、不改;由智能体维护。 false:发布流程未闭环。true:已视为发布完成(草稿已确认 / 或published流程成功且运营确认)。
本篇发布真正结束后:将 publish_completed: true 写回 article.yaml。
写回 true 的前置门禁(缺啥补啥):
article.html存在;- 文章目录存在封面图
cover.(png/jpg/jpeg/webp); article.md与article.html中均不含placeholder;- 发布命令成功并拿到回执(
media_id或publish_id)。
任一不满足:只可标记为“已提交草稿,未闭环”,不得写回 publish_completed: true。
用户仅说「发布」且未明确路径时 ⛔
在用户未给出 drafts/… 路径、仅说「发布文章」「帮我发一下」等时:
- 确定本篇目录:列出仓库下
drafts/中子目录;若多篇,请用户指定一篇或选「最新修改」的一篇再读该目录article.yaml。勿在未确认目录时假定路径。 - 读取该目录
article.yaml中的publish_completed(YAML 布尔:true/false;缺省按false处理)。
publish_completed | 智能体对用户说明(可略作口语化,勿改含义) |
|---|---|
true | 告知:项目里本篇文档已按记录成功发布;问:您是否需要编写新文章? 若需要 → 转交 main / writing 从本篇准备或选题起走。 |
false 或缺省 | 读取 article.yaml 的 title(若无则用目录名简述),说明:《{title}》尚未执行完成(发布流程未闭环);问:是否需要继续并完成发布? 或 编写新文章? 若继续本篇 → 再核对 config.yaml 的 publish_method、check-screening、check-wechat-env 等。 |
工作流
发布进度:
- [ ] 前置:配置检查(见本节「配置检查」)⛔
- [ ] 第0步:若用户未给路径 → 选本篇目录 → 读 publish_completed → 按上表分流(true/false)
- [ ] 第1步:读 **`config.yaml`** → **`draft` / `published`**(及是否 **`full --publish`**)
- [ ] 第2步:读取 **`config.yaml`** 的 `wechat_accounts` + `wechat_N_name` 向用户展示账号列表并询问目标槽位;随后跑 **`check-wechat-env`** 校验 `aws.env` 凭证 → **`wechat_publish_slot` 或 `--account`**
- [ ] 第3步:发布前检查(checklist + **`check-screening`** + **`check`**)
- [ ] 第4步:准备文章目录
- [ ] 第5步:**`full`**(仅草稿或含发布,视上步)
- [ ] 第6步:确认结果与用户说明
- [ ] 第7步:成功后写回 **`article.yaml`** 的 **`publish_completed: true`**;按需归档
交互顺序(最小提问)
- 未给路径时:先按上文 「用户仅说发布」 处理
publish_completed;用户选 继续本篇 后再做下列步骤。 - 先看
config.yaml的publish_method:draft= 默认只进草稿箱;published或full --publish= 再提交发布。 - 多槽位:展示账号列表(来源:
config.yaml的wechat_accounts+wechat_N_name),请用户选槽位 →wechat_publish_slot或--account。 - 缺微信字段:运行
check-wechat-env,补全aws.env后再发。 - 发布失败(由脚本 stderr / 微信 errcode 判断):
- 网络类(超时、连接失败、5xx):脚本已对单次请求 自动重试 1 次;仍失败 → 告知「网络不可用,请稍后重试或检查代理」。
- 凭证/配置类(如 token 失败带 errcode、缺字段)→ 提示 第几槽位、检查 APPID/SECRET、IP 白名单,用户改正后再执行
full/publish。
- 中间产物缺失(封面缺失 / 存在
placeholder):先补产物再发;若用户坚持先发草稿,必须明确告知“正文配图未完成”,且保持publish_completed: false。
命令示例(仓库根)
python {baseDir}/scripts/publish.py check-screening
python {baseDir}/scripts/publish.py check-wechat-env
python {baseDir}/scripts/publish.py accounts
python {baseDir}/scripts/publish.py check
python {baseDir}/scripts/publish.py --account 1 full drafts/YYYYMMDD-标题slug/
python {baseDir}/scripts/getdraft.py published-fields
详见 references/usage.md、references/submit-guide.md、references/api-reference.md。
过程文件
| 读取 | 产出 |
|---|---|
article.html、imgs/、article.yaml(含 publish_completed 等)、.aws-article/config.yaml、aws.env(微信槽位) | 发布到公众号草稿或提交发布;成功后由智能体将 publish_completed: true 写回 article.yaml(publish.py 不改此键) |
Comments
Loading comments...