claude-wechat-bridge-with-files

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a clearly disclosed WeChat-to-Claude bridge with media handling, but it has real privacy and local retention risks users should understand.

Install only if you intentionally want WeChat messages and selected attachments routed into Claude Code. Use a dedicated WeChat account, pin and review the third-party npm package before updates, avoid confidential chats or documents, manually clean saved media when finished, and stop the bridge when it is not actively needed.

SkillSpector (2)

By NVIDIA

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README explicitly states that incoming images, documents, audio, and video are written to a persistent local directory and that absolute filesystem paths are injected into messages for Claude to read. This creates a real privacy and data-handling risk because sensitive user media may remain on disk unexpectedly and path disclosure can expose local environment details, yet the documentation does not warn users about retention, access controls, or cleanup.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The bridge forwards inbound message content and sender identifiers to an MCP notification channel, which is a cross-system data transfer of potentially sensitive user communications. In the context of a WeChat-to-Claude bridge, this is expected behavior, but it still creates real privacy and data exposure risk if users have not explicitly consented or if the downstream MCP consumer is less trusted than the WeChat source.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal