ClawHub

Wechat Openclaw Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent WeChat-to-OpenClaw integration, but installing it gives a bound WeChat account a persistent channel into OpenClaw.

Install only if you intend WeChat to become an access channel for your OpenClaw assistant. Review the Tencent WeChat plugin source/package before running the unpinned npx command, avoid sending secrets or regulated files through the channel, and configure authentication, whitelists, rate limits, and tool approval where available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly encourages users to route WeChat texts, images, and files through an OpenClaw integration, but it omits any privacy notice, data-handling description, or warning about third-party transmission and retention. In a messaging context, this can cause users to expose sensitive personal or business content without informed consent, especially because the skill presents the integration as official and safe.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The installation flow tells users to run install commands and bind WeChat, but it does not clearly disclose that these actions may install software, enable a plugin, and modify local OpenClaw configuration. This reduces informed consent and can lead users to make system changes they did not fully understand, though the impact is primarily configuration and trust-related rather than direct code execution from the markdown itself.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guide instructs users to connect OpenClaw to WeChat and explicitly supports text, image, file, and possibly voice messages, but it does not clearly warn that those contents will transit a third-party messaging platform and may be exposed to additional retention, metadata collection, or compliance risks. In a messaging integration context, omission of privacy and data-flow warnings can cause users to send sensitive business or personal data under unsafe assumptions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The configuration examples enable features such as autoReply and autoAccept without a clear warning about unintended responses, accidental approvals, or unauthorized interaction if the linked account receives unexpected messages. In a chat-control channel, these defaults can expand the attack surface by allowing automated handling before users understand trust boundaries and authentication requirements.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal