ClawHub
Back to skill
v1.0.1

Wechat Formatter

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:11 AM.

Analysis

This appears to be a simple local Markdown-to-WeChat text formatter, with no evidence of network access, credential use, hidden behavior, or destructive actions.

GuidanceThis skill looks safe for its stated purpose: it locally converts Markdown text and prints the result. Before installing or using it, be aware that the optional installer writes files under ~/.openclaw and may create a wechat-formatter command, and only run the clipboard example on files you have reviewed and intend to share.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
install.sh
mkdir -p ~/.openclaw/skills/wechat-formatter
cp wechat_formatter.py ~/.openclaw/skills/wechat-formatter/
ln -sf ~/.openclaw/skills/wechat-formatter/wechat_formatter.py ~/.openclaw/bin/wechat-formatter

The included installer writes the formatter into the OpenClaw skills directory and creates a command symlink, even though the registry section says there is no install spec.

User impactRunning the installer changes local OpenClaw files and may add a persistent command, but the actions are local and consistent with making the formatter usable from the command line.
RecommendationReview install.sh before running it, and remove ~/.openclaw/skills/wechat-formatter or the wechat-formatter symlink if you no longer want the command installed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
wechat-formatter ~/.openclaw/workspace/memory/2026-03-09-day2.md | pbcopy

The documentation gives a user-directed example that reads a file from an OpenClaw memory/workspace path and copies the formatted result to the clipboard.

User impactIf the referenced memory file contains private notes or diary content, following this example could place that private content on the clipboard for later pasting or publication.
RecommendationOnly format and copy files you intend to publish, and review the output before pasting it into WeChat or any public editor.