Weixin Plugin Installer

This skill appears to implement what it claims (installing/enabling a Weixin plugin and managing QR login), but there are a few things to consider before installing: - Clarify the contradiction in SKILL.md that "forbids" the plugin package names while the install script installs @tencent-weixin/openclaw-weixin; prefer to run only the provided scripts, not ad-hoc commands. - The scripts call 'openclaw plugins install' and 'openclaw channels login' which will fetch and run external plugin code via OpenClaw — only proceed if you trust the OpenClaw plugin source that will be installed. - Logs for the login flow are written under $HOME/.openclaw/weixin-plugin-installer; these logs may contain sensitive tokens/cookies/session traces. Check and secure filesystem permissions for that directory and review logs for sensitive strings before sharing. - The skill schedules an asynchronous 'openclaw gateway restart' which can interrupt service; run this in a maintenance window or on a host where a restart is acceptable. - Use only in an admin/private context as instructed. If you need higher assurance, request the exact plugin release/package to be installed (origin, checksum) and audit the plugin package fetched by openclaw before allowing the install. If you want, I can (a) list the exact file paths the skill will write to, (b) show the exact openclaw CLI commands it will run, or (c) suggest a minimal safe checklist to run before enabling this skill on production.