Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Weixin Send Media

v1.0.2

Send images, PDFs, and other local files into an OpenClaw Weixin chat. Use when the user asks to send a picture, screenshot, PDF, document, attachment, or ot...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (send images/PDFs/attachments to an OpenClaw Weixin chat) aligns with the instructions (create/select a local file and send via the OpenClaw CLI). However, the SKILL.md explicitly requires running the 'openclaw' CLI while the skill metadata lists no required binaries—this mismatch should be resolved or documented.
Instruction Scope
Instructions permit using arbitrary absolute local paths and copying files from project folders into a deliveries/* directory before sending. There is no explicit constraint or confirmation step to prevent sending sensitive system files. The SKILL.md also expects access to 'trusted inbound metadata' (account_id, chat_id) but the metadata source and availability are not documented in the registry entry.
Install Mechanism
This is an instruction-only skill (no install spec, no code files), which minimizes disk-install risk. Still, it depends on the presence of the OpenClaw CLI at runtime but does not declare that binary as required in the registry—an inconsistency to fix.
Credentials
The registry requests no environment variables or credentials. The SKILL.md relies on inbound chat metadata (account_id and chat_id) rather than env vars, which is plausible, but the dependency on that metadata should be documented. No other credentials are requested, which is proportionate.
Persistence & Privilege
The skill is not marked always:true and is user-invocable. It does not request persistent presence or attempt to modify other skills or system-wide settings.
What to consider before installing
This skill does what it says (sending local files to a Weixin chat) but before installing consider:
1) Confirm the OpenClaw CLI is available on agents that will run this skill — the SKILL.md uses 'openclaw' but the registry did not declare it as a required binary.
2) Understand and verify how 'trusted inbound metadata' (account_id, chat_id) is provided and ensure it cannot be spoofed.
3) Require explicit user confirmation before sending files outside project/deliveries or from sensitive system paths; otherwise the skill could be used to send arbitrary local files.
4) If you want to limit risk, restrict the agent's filesystem access or disallow use of absolute paths, or reject the skill unless it documents the CLI dependency and adds safeguards (prompting before sending files outside approved directories).
