Skill v0.1.0

ClawScan security

Zhy Markdown2wechat · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 15, 2026, 12:59 PM)
Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill does what it says (converts Markdown to WeChat-ready inline-HTML) and its code/instructions are consistent with that purpose, but it dynamically installs npm packages at runtime and the metadata omits Node.js as a required binary — review before running.
Guidance
This skill is generally coherent with its purpose, but take these precautions before installing or running it:
- Ensure Node.js is available where the agent will run (SKILL.md requires node but registry metadata omitted it).
- The included script will run `npm install` at runtime to fetch marked@4 and juice@8 into a temporary folder; this performs network downloads from the npm registry (supply-chain risk). If you prefer, pre-install the dependencies in a controlled environment to avoid runtime network installs.
- The script creates a .wechat-temp directory in the current working directory and attempts to remove it; run it in a workspace where that is acceptable and where npm can run.
- Review the two packages (marked, juice) versions used so you are comfortable with them, and consider running the script locally first to verify behavior.
- If you allow autonomous agent invocation, consider requiring explicit user confirmation before executing the conversion command to avoid unexpected execution.

Review Dimensions

Purpose & Capability
note: Name/description (Markdown → WeChat HTML) match the included script and theme files. Minor metadata mismatch: the skill expects Node.js to be available and instructs running `node`, but the registry metadata lists no required binaries.
Instruction Scope
ok: SKILL.md confines actions to reading the provided markdown, reading theme CSS files from resources/themes, invoking scripts/convert.js, and producing an output HTML file. It does instruct the agent to execute the included Node script directly, which matches the stated purpose.
Install Mechanism
note: No install spec in registry, but the script itself uses child_process.execSync to run `npm install <pkg> --no-save` into a temporary .wechat-temp directory at runtime. This performs network fetches from the npm registry and writes to disk (then attempts cleanup) — a moderate supply-chain/network action that is expected for this skill but worth attention.
Credentials
ok: The skill does not request environment variables, credentials, or unrelated config paths. The script operates on files provided by the user and local theme files only.
Persistence & Privilege
ok: The skill does not request always:true, does not change other skills' configs, and only creates/removes a local temporary directory (.wechat-temp) in the current working directory. It uses child_process but only to invoke npm install for the declared packages.