Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

fastfish WeChat Official Account (wechat) quick formatting, lite edition

v1.0.4

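fastfish open-source lite edition. Provides Official Account format cleanup, sensitive-word detection (local), daily hot topics, and local HTML preview. Hot-topic push requires the env for at least one channel to be configured. No WeChat publishing/authorization; those require the commercial edition. The CLI is invoked via system.run.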

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to provide WeChat article formatting, local previews, sensitive-word checks, and hot-topic pushes; requiring python3 and invoking the fastfish-lite CLI is coherent with that purpose. Minor inconsistency: registry metadata sets MEDIA_AGENT_API_KEY as the primaryEnv while the SKILL.md states it is optional (used only for API auth).
Instruction Scope
SKILL.md explicitly instructs cloning https://github.com/superxs777/fastfish-lite and running pip install and Python scripts via system.run (get_hot_now.py, push_hot_to_im.py, etc.). The doc also contains explicit safety rules (do not output .env, restrict allowed scripts, avoid cron edits without consent). These instructions stay within the stated feature set, but they require running external code and will transmit data to configured webhooks (Feishu/DingTalk/Telegram), which is expected for push functionality but raises privacy/exfiltration risk that the user must accept.
Install Mechanism
There is no registry install spec, but SKILL.md instructs git clone + pip install from a GitHub repo. While GitHub is a typical source, clone + pip install enables arbitrary code execution (high supply-chain risk). The doc advises pinning tags and using isolated environments, which is good, but the install mechanism remains a real risk and requires user consent and review of the repo/requirements.txt before running.
Credentials
No required env vars are declared, but metadata lists MEDIA_AGENT_API_KEY as primaryEnv (yet SKILL.md says it's optional) and documents sensitive push credentials (HOT_PUSH_FEISHU_WEBHOOK, HOT_PUSH_DINGTALK_WEBHOOK, HOT_PUSH_DINGTALK_SECRET, HOT_PUSH_TELEGRAM_BOT_TOKEN+CHAT_ID) to be stored in .env. Those webhook/token secrets are proportional to push features, but the mismatch about the primary credential and the presence of multiple sensitive channel tokens warrants attention. The SKILL.md forbids exposing .env contents, which mitigates some risk if enforced.
Persistence & Privilege
The skill is not always:true and does not request permanent elevated privileges. It does give instructions about cron jobs but explicitly forbids creating pull cron jobs without explicit user consent. There are no indications that the skill will modify other skills or global agent settings.
What to consider before installing
This skill is largely coherent with its description but involves cloning and pip-installing a third‑party GitHub repo and using webhook credentials for push delivery — both are sensitive operations. Before installing or enabling it:
(1) review the GitHub repo and requirements.txt and prefer a pinned release tag (git clone --branch vX.Y.Z);
(2) run installation in an isolated environment or container (non-root) and use a Python virtualenv;
(3) store webhook tokens and MEDIA_AGENT_API_KEY only in a secure .env or secret store and do not commit them;
(4) confirm whether MEDIA_AGENT_API_KEY is actually needed for your use case and avoid setting unnecessary credentials;
(5) accept that push features will transmit data to external endpoints (verify you trust api.pearktrue.cn and the webhook targets);
(6) do not allow the agent to auto-run install steps; perform them manually after review.
If you want stronger assurance, ask the maintainer for a release tarball and a reproducible lockfile (pip freeze / requirements.lock) or run security scans on the cloned repository before pip installing.


latest: vk97ft80y50g6c2aaa7qs0b8fbd81vy4g

Runtime requirements

Bins: python3
Primary env: MEDIA_AGENT_API_KEY
