WeChat Official Account content auto-generation and publishing to the draft box
Review
Audited by ClawScan on May 11, 2026.
Overview
This skill is meant to automate WeChat public-account draft creation, but its account-publishing authority, unattended scheduling, and safety checks are not clearly bounded or reliably implemented.
Review carefully before installing. Do not give this skill WeChat/Tencent publishing credentials or enable its cron job until publishing requires explicit approval, precheck failures block publication, real sensitive-word/duplicate checks are implemented, and all required credentials are declared with clear scopes.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill can proceed from generation to account draft creation by default, which may affect a business or public account without a clear final approval gate.
Publishing to the WeChat draft box is part of the default workflow rather than a separately confirmed step.
if steps is None:
    steps = ["generate", "check", "publish"]
...
draft_ok = publish_to_wechat_draft(content)
Make publishing an explicit, user-confirmed step; default to generate/check only, and require review of each article before sending it to WeChat drafts.
Content that fails format, sensitive-word, or duplication checks may still continue toward WeChat draft creation.
A failed precheck is only added to a review queue; the workflow does not stop before the later publish block.
if not check_result["passed"]:
    add_to_review_queue(content, "预检失败")
...
if "publish" in steps:
Fail closed: abort the publish step whenever any precheck fails, and require manual approval to resume.
Users may trust the skill to filter legally or reputationally risky content when the provided code does not actually implement a meaningful filter.
The advertised sensitive-word and duplicate checks are implemented as placeholders, despite the skill describing built-in pre-publication safety checks.
sensitive_words = ["敏感词1", "敏感词2"]  # needs to be configured
...
published_titles = []  # needs a database to be configured
Clearly label these checks as unimplemented until real rule sets, data sources, and fail-closed behavior are provided.
If installed as documented, the skill could repeatedly create WeChat drafts on a schedule without a fresh human decision each day.
The documentation encourages a persistent scheduled task that runs the full generation/check/publish pipeline daily.
Run the full pipeline automatically every day at 19:30
30 19 * * * cd /root/.openclaw/workspace/skills/wechat-content-pipeline && ... python3 scripts/run_pipeline.py --topic 深度学习 --count 8
Avoid unattended cron publishing, or add dry-run mode, rate limits, audit logs, and mandatory approval before any draft is created.
Users may provide API keys or WeChat/Tencent permissions without a clear credential contract, making it harder to judge what account access the skill needs.
The registry signals sensitive credentials but does not declare which credentials are required or how they are scoped.
Required env vars: none; Env var declarations: none; Primary credential: none; Capability signals: requires-sensitive-credentials
Declare all required credentials, scopes, and account permissions in metadata, and separate content-generation credentials from WeChat publishing authority.
The reviewed package does not show the implementation or safety controls of the publisher it expects to use.
The high-impact WeChat publishing function is delegated to another installed skill that is not included in the reviewed artifacts.
yaniw-wechat-publisher | Direct publishing to the Official Account | ✅ Installed
Review and trust the referenced publisher skill separately before allowing this workflow to access a WeChat account.
