Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wechat Mcp
v1.0.0 · An MCP for monitoring and sending WeChat messages from the Windows desktop client; it sends messages to a specified contact in WeChat.
⭐ 4 · 2.2k · 13 current · 13 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The package purpose (monitoring and sending WeChat messages on Windows) aligns with the code: pyautogui/pygetwindow/ImageGrab-based desktop automation. However SKILL.md and examples claim functions/features that are not present (e.g., send_message_to_contact and contact-search/open flow). requirements.txt also lists pytesseract even though server.py does not use it. These mismatches suggest the docs and code are out of sync.
Instruction Scope
Runtime instructions tell the agent to install Python GUI automation libs and call functions like send_message_to_contact, but the actual runtime entry points in server.py are send_message_to_current and get_wechat_status (no send_message_to_contact). The code performs GUI clicks, clipboard operations, and saves screenshots (verify.png, input_verify.png, result.png) to the skill directory — the SKILL.md does not clearly document the file writes. The skill does not access external networks or credentials, but the discrepancy between documented and implemented behavior is a scope/integrity problem.
Install Mechanism
There is no install spec (instruction-only), which is low risk. requirements.txt lists typical GUI automation packages. It also lists pytesseract (and SKILL.md does not instruct installing the Tesseract OCR engine), which may be unnecessary or may be missing a required external binary (tesseract.exe) on Windows — the README and instructions should clarify this dependency.
Credentials
The skill requests no environment variables or credentials and does not call external services. It does interact with the system GUI, clipboard (pyperclip), and filesystem (writes PNG files to the skill directory), which is proportionate to desktop automation but worth noting because these actions can leak or alter local data if misdirected.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills or system-wide configs. It runs a stdin JSON-RPC loop when executed, which can autonomously perform GUI actions if invoked — this is expected for an MCP-style tool but increases impact if used without oversight.
Scan Findings in Context
[pyautogui.FAILSAFE_disabled] unexpected: server.py sets pyautogui.FAILSAFE = False. Disabling pyautogui's failsafe prevents aborting automation by moving the mouse to the corner, increasing the risk of runaway UI actions.
[doc_function_missing_in_code] unexpected: SKILL.md examples reference send_message_to_contact (search/open contact flow) but server.py does not implement that function; only send_message_to_current exists. This doc/code mismatch can mislead integrators or cause unexpected behavior.
[requirements_contains_unused_pytesseract] unexpected: requirements.txt includes pytesseract but server.py does not import or call it. pytesseract typically requires an external Tesseract binary that is not mentioned in the SKILL.md.
[writes_screenshots_to_disk] expected: server.py saves verify.png, input_verify.png, and result.png in the skill directory; SKILL.md mentions screenshots but does not explicitly state that files are written to disk. Writing screenshots is consistent with monitoring functionality, but users should expect these files to be created.
What to consider before installing
This skill automates your Windows desktop to send WeChat messages by simulating clicks and clipboard operations. Before installing or running it:
- Review the code yourself (or ask the author) because SKILL.md claims a contact-search/send_message_to_contact flow that is not implemented; expect only send_message_to_current behavior.
- Be aware the code disables pyautogui's FAILSAFE (pyautogui.FAILSAFE = False). Consider changing that to True to allow aborting automation by moving the mouse to a screen corner.
- The skill writes screenshot files (verify.png, input_verify.png, result.png) into the skill directory — ensure that is acceptable for your environment.
- requirements.txt lists pytesseract (and Tesseract requires a separate system binary). Confirm whether OCR is needed and install/enable it only if required.
- Because this automates the GUI and clipboard, test in a safe environment (with a test WeChat account) to avoid sending messages to the wrong contact.
If you need higher assurance, ask the publisher to: (1) fix the documentation to match implemented functions, (2) remove or justify unnecessary dependencies, (3) re-enable the pyautogui failsafe or add an explicit emergency-stop mechanism, and (4) declare any files the skill will create.
Latest version id: vk973qk758wp37dg4v5ecq40gbs8218j0
