Wechat Publisher
Pass
Audited by ClawScan on May 1, 2026.
Overview
This appears to be a legitimate WeChat draft uploader, but it uses WeChat account credentials and uploads selected article content/images to WeChat, so users should protect credentials and confirm files before use.
Use this skill only if you want an agent to create WeChat Official Account drafts from specific local files. Confirm the files before upload, protect WX_APPID/WX_APPSECRET and .token_cache.json, and treat generated drafts or uploaded images as account content that may remain in WeChat until you manage or delete it there.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Chosen article content and images can be uploaded to WeChat, and a draft will be created in the connected Official Account.
The workflow sends local images and article HTML to WeChat and creates a draft in the user's Official Account; this is disclosed and matches the skill purpose, but it changes third-party account state.
THUMB_ID=$(python3 scripts/upload_thumb.py cover.jpg) ... WX_URL=$(python3 scripts/upload_img.py images/fig1.png) ... python3 scripts/upload_draft.py ... Output: media_id of the created draft.
Before invoking the skill, confirm the exact Markdown file, cover image, body images, title, and target account; remember that the artifact says the draft is not published automatically.
Anyone who can read the config, environment, terminal output, or token cache may gain temporary API access to the WeChat Official Account.
The helper reads WeChat app credentials, caches the resulting access token in the skill directory, and can print the token to stdout when run directly.
appid = os.environ.get("WX_APPID"); secret = os.environ.get("WX_APPSECRET") ... CACHE_FILE = Path(__file__).parent.parent / ".token_cache.json" ... print(token, end="")
Prefer environment variables or a protected config file, restrict access to .token_cache.json, avoid sharing command output containing tokens, and rotate the AppSecret/token if exposed.
The install listing may not fully communicate what runtime and credentials are needed before a user reads the artifacts.
The registry metadata does not advertise provenance, Python runtime, or credential needs, although the SKILL/README disclose them; this is a metadata/provenance gap rather than hidden behavior in the supplied files.
Source: unknown; Homepage: none; Required binaries: none; Env var declarations: none; Primary credential: none; No install spec — this is an instruction-only skill.
Review the included scripts before adding credentials, install only from a publisher/source you trust, and update metadata to declare Python and WeChat credential requirements.
