Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

WeChat Mail Bridge (Windows/OpenClaw)

v0.1.2

Install, configure, run, and troubleshoot a Windows WeChat desktop automation and BHMailer/OpenClaw mail bridge bundle, including File Transfer Assistant wor...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
The code and SKILL.md implement a plugin and a Windows sidecar that automate WeChat desktop and bridge BHMailer mail events to OpenClaw. Requested configuration (BHMAILER_*, BRIDGE_SHARED_SECRET, sqlite path, etc.) matches that purpose. There is no unexpected request for unrelated cloud credentials or distant services.
Instruction Scope
Runtime instructions in SKILL.md stay on-topic: they point operators to the bundle's install, config, and operations docs and tell operators to run the bundled scripts or inspect source. However, SKILL.md suggests using top-level scripts/*.bat for Windows setup while the shipped scripts in the bundle appear to be shell (bash) and plugin-side scripts; verify whether Windows-specific .bat entry points are actually present in the copy you install. Also the runtime expects editing environment/config files and running networked services — follow the docs and do not accept defaults blindly.
Install Mechanism
There is no remote download/install mechanism embedded in the SKILL.md; the bundle contains Node and Python source, package.json/package-lock and example configs. Dependencies are typical (fastify, better-sqlite3, zod) and come from npm; no suspicious external URLs or archive extraction steps found in the manifest.
Credentials
The bundle uses environment variables expected for this function (BRIDGE_SHARED_SECRET, BHMAILER_UID, BHMAILER_SIGN, BHMAILER_WEBHOOK_SECRET, SQLITE_PATH, etc.). This is proportional. Two operational cautions: defaults include an insecure shared secret ('dev-bridge-secret') and a default listen host of 0.0.0.0 — these are convenient for testing but dangerous in production if left unchanged. The skill does not request unrelated secrets.
Persistence & Privilege
The skill does not request forced/always-on privileges and registry flags show always:false and normal agent invocation. The bundle runs as a local service and a Windows sidecar that automates a desktop UI — that requires local user privileges which are appropriate for the declared functionality but should be limited to a dedicated/isolated host.
Assessment
This bundle appears to be what it says: a Windows WeChat desktop automation + BHMailer/OpenClaw bridge. Before installing, do the following:
1) Do not run with defaults — change BRIDGE_SHARED_SECRET from 'dev-bridge-secret' and do not bind the service to 0.0.0.0 on a public network unless you have a firewall and proper access controls.
2) Provide BHMAILER credentials only if you trust the provider and understand where mail data flows.
3) The Windows sidecar uses UI automation (pywinauto/uiautomation) and will interact with the logged-in WeChat client; run it only on a machine/account you dedicate to this purpose because it can read/send messages.
4) Confirm the apparent mismatch: SKILL.md mentions top-level .bat entrypoints but the bundle mostly contains bash scripts under bundle/plugin/scripts — verify which scripts you must run on Windows.
5) Review the bundled code (especially auth and any webhook handlers) and replace default secrets before exposing the service.
If you want extra assurance, run the plugin and sidecar on an isolated network or VM and perform the provided smoke tests locally first.
config/windows-sidecar.example.toml:7
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.


Tags: automation, bhmailer, bridge, desktop, latest, mail, openclaw, sidecar, wechat, windows


Runtime requirements

💬📨 Clawdis
