WeChat Draft Publisher
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to do what it advertises, but it uses your WeChat account credentials and can create drafts and upload media in that account.
Install this only if you want OpenClaw to create drafts in the configured WeChat official account. Keep config.json and environment variables private, use a trusted image provider, review drafts in WeChat before public publishing, and avoid the optional --publish path unless you intend to submit immediately.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone running this skill with valid credentials lets it act through that WeChat official account to upload media and create drafts.
The skill uses the configured WeChat AppID and AppSecret to obtain an access token, which is expected for WeChat official-account API access but grants authority over the configured account.
params = {"grant_type": "client_credential", "appid": self.appid, "secret": self.appsecret}
Use credentials only for the intended account, keep config.json private, and rotate the AppSecret if it may have been exposed.
A normal invocation can add drafts and media to your WeChat account; using the optional publish flag can submit content for public publishing.
The script creates a WeChat draft by default and has an explicit optional path to submit it for publication. This is purpose-aligned, but it mutates a third-party account.
media_id = wechat.add_draft(...); if args.publish: publish_id = wechat.submit_publish(media_id)
Review generated drafts in the WeChat backend before publishing, and do not use the --publish option unless you intentionally want immediate submission.
Article image prompts and the image API credential may be visible to the chosen image-generation service.
When AI images are enabled, prompts and the image API key are sent to the configured image provider. This is expected for image generation, but the provider is user-configured and should be trusted.
headers = {"Authorization": f"Bearer {self.api_key}", "Content-Type": "application/json"}; payload = {"prompt": prompt, "size": size}; resp = requests.post(self.api_base_url, ...)
Use a trusted image API endpoint and avoid placing confidential information in image prompts.
Dependency behavior can vary depending on what versions pip resolves at install time.
The Python dependencies use lower-bound version ranges, so future package versions may be installed. This is common but less reproducible than pinned versions.
requests>=2.28.0
Pillow>=9.0.0
Install in a virtual environment and consider pinning known-good dependency versions for production use.
