WeCom文件检测
企业微信聊天文件获取 - 从 ~/.openclaw/media/inbound/ 目录检测和获取通过聊天传递的文件。 当用户提到获取文件、发送文件、附件等请求时激活。
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 13 · 0 current installs · 0 all-time installs
MIT-0
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name and description say the skill will detect and get chat files from ~/.openclaw/media/inbound/ and the SKILL.md contains commands to list, find, read, and copy files in that directory — this is coherent. Minor mismatch: the doc references external tools (an "image tool", "markitdown", "minimax-ocr") that are not declared as required binaries or install steps.
Instruction Scope
The runtime instructions explicitly instruct the agent to list, read (cat), and copy files from a user home directory path (~/.openclaw/media/inbound/) and to create/archive files under companywork/. Those actions are within the stated purpose (retrieving attachments), but they do grant the skill access to local files and permit moving/archiving them. The guidance about using OCR/image tools is vague and could imply using external services or additional local binaries.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be written to disk at install time by the skill itself.
Credentials
The skill requests no environment variables or credentials. It does require access to a specific local path (~/.openclaw/media/inbound/) which is proportional to its purpose. Note: archiving files into companywork/ is a write operation that may move or duplicate sensitive files.
Persistence & Privilege
always is false and there is no indication the skill modifies other skills or system-wide settings. It will run only when triggered and does not request elevated privileges.
Assessment
This skill will read and copy files from ~/.openclaw/media/inbound/ when triggered (e.g., when you say "get file" or "send attachment"). Before enabling it, consider: (1) Privacy: it can access any files in that folder — don't enable it if sensitive PII/financial data may appear there. (2) Data flow: the instructions mention OCR/image tools but don't say whether those are local binaries or external services — clarify whether files will be sent off‑device. (3) Archival behavior: it suggests copying important files into companywork/, which may duplicate or relocate files; confirm the target path and permissions. (4) Missing dependency declarations: if you expect OCR/image processing, ensure required tools are installed and trusted. If you want tighter control, restrict triggers, test the skill in a safe environment, and require explicit confirmation before reading or archiving each file.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📎 Clawdis
SKILL.md
企业微信文件获取
当用户提到"获取文件"、"发送文件"、"附件"等请求时,自动从 inbound 目录检测和获取文件。
文件获取流程
1. 检测最新文件
当没有明确文件名时,扫描 inbound 目录获取最新文件:
ls -lt ~/.openclaw/media/inbound/ | head -20
2. 文件类型识别
支持的类型:
- 文档:.doc, .docx, .xls, .xlsx, .ppt, .pptx, .pdf, .md, .csv
- 图片:.png, .jpg, .jpeg, .gif
- 视频:.mp4, .mov
- 其他:.zip, .txt
3. 文件内容读取
根据文件类型选择读取方式:
- 文本文件:直接 cat
- CSV/Excel:转换为表格
- 图片:使用 image tool 识别
- Word/PDF:使用 markitdown 或 minimax-ocr
4. 文件存档
重要文件应存档到 companywork/ 相关目录:
mkdir -p companywork/AI赋能计划/
cp "源文件" "companywork/目标目录/"
常用命令
# 查看最近的文件
ls -lt ~/.openclaw/media/inbound/ | head -10
# 按类型查找
find ~/.openclaw/media/inbound/ -name "*.xlsx" -mtime -7
# 按关键词搜索
ls -lt ~/.openclaw/media/inbound/ | grep "关键词"
触发场景
- 用户说"获取文件"
- 用户说"发送附件"
- 用户说"看看有什么文件"
- 用户上传文件后没有反应
- 用户提到某个具体项目但没有附文件
注意事项
- 文件名可能包含时间戳和UUID
- WeCom可能将文件转换为文本格式(二进制内容丢失)
- 重要文件应及时存档到 companywork/
- 用完的临时文件可以保留在 inbound 供后续使用
Files
1 totalSelect a file
Select a file to preview.
Comments
Loading comments…