WeChat Official Account Article Saver (微信公众号文章保存)

Status: Pending. VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

A crafted or parameterized URL could be mishandled by the shell, potentially causing unintended command behavior under the user's local account.

Why it was flagged

The workflow auto-runs a shell command using a user-provided URL placeholder, without specifying safe argument passing, quoting, escaping, or explicit approval before execution.

Skill content
Trigger condition: the URL starts with `https://mp.weixin.qq.com/` ... `npx -y bun {{BAOYU_SCRIPT_PATH}} <url> -o /tmp/wechat-article.md --timeout 60000`
Recommendation

Validate the URL, pass it through a non-shell API or as a safely quoted argument, and require explicit user approval before running the helper command.

What this means

The code that actually fetches the article is outside this reviewed package and may be unpinned or replaced, so users cannot assess it from these artifacts alone.

Why it was flagged

The reviewed skill contains only SKILL.md but relies on an external helper script path and an unpinned npx/bun install-to-run command for its preferred fetch path.

Skill content
`{{BAOYU_SCRIPT_PATH}}` ... `~/.openclaw/sandboxes/xxx/skills/baoyu-url-to-markdown/scripts/main.ts`; `npx -y bun {{BAOYU_SCRIPT_PATH}}`
Recommendation

Include the helper code in the reviewed package or declare a pinned, trusted dependency and install process; users should verify the configured script path before use.

What this means

If Feishu is configured, the agent can modify data in the selected table; an incorrect record match could affect business data.

Why it was flagged

The optional Feishu integration can create records and, after confirmation, delete records in a configured Bitable.

Skill content
Use `feishu_bitable_create_record` to create a new record ... `lark-cli base +record-delete --base-token {{FEISHU_APP_TOKEN}} --table-id {{FEISHU_TABLE_ID}} --record-id <record_id> --yes`
Recommendation

Configure only the intended Feishu table, review record details before confirming deletion, and use least-privilege Feishu credentials where possible.

What this means

The external reader service may see the article URL and retrieve the article content during fallback processing.

Why it was flagged

The fallback path sends the selected WeChat article URL to the external Jina Reader service.

Skill content
If baoyu fails → Jina Reader: `https://r.jina.ai/<url>`
Recommendation

Use this fallback only for links you are comfortable sending to an external service, or disable/avoid the fallback for sensitive articles.

What this means

A modified prompt file or adversarial article content could influence the generated note content.

Why it was flagged

The skill reads a persistent local prompt file and combines it with scraped article content to guide model output saved back into the notes folder.

Skill content
Read the prompt: read the complete 发芽 (sprouting) prompt content from the path above ... feed the saved article Markdown content ... to the model as "material"
Recommendation

Keep the prompt file trusted, treat article content as untrusted input, and review generated notes before relying on them.