- Downloads: 1111
- Stars: 1
- Active Installs: 0
- Versions: 2
Install in OpenClaw
/install weibo-manager
Description
Manage Weibo posts via Puppeteer with a secure request-approve-execute workflow for drafting, reviewing, and publishing text and images.
Usage Guidance
Key things to consider before installing/running this skill:
- It contains real executable Node scripts (Puppeteer) but declares no required binaries or env; you will need Node, npm, and a Chrome binary and you should review and install dependencies in a controlled environment.
- The skill requires a cookies.json file with Weibo session cookies (sensitive). Do not provide cookies to untrusted code; prefer manual, audited cookie export and storage with least privilege.
- The SKILL.md forbids autonomous publishing, but the skill metadata does not enforce that — an agent or other automation could run publisher.js directly. If you must use this, disable autonomous invocation or ensure strict admin approval controls.
- The code calls out to other local skills/tools (skills/feishu-sender/* and 'uv run ...') and some scripts reference absolute user paths (e.g. /Users/runchen/...). Audit those called scripts (feishu-sender and nano-banana-ultra) before running — they may transmit data off-host.
- Child-process execution is used for notifications and image generation; verify what those subprocesses do and where they send data (Feishu chat IDs are passed around). Ensure Feishu credentials and endpoints are legitimate.
- Recommendation: do not run this on a production or personal machine until you: (1) review all referenced files (feishu-sender, nano-banana-ultra scripts), (2) fix hard-coded executablePath and absolute user paths, (3) explicitly provide/lock down cookies.json, (4) document and supply required env creds, and (5) disable autonomous invocation or enforce an approval gate. Running inside an isolated VM or container and monitoring network activity is advised if you still want to test it.
Capability Analysis
Type: OpenClaw Skill
Name: weibo-manager
Version: 1.0.2
The OpenClaw AgentSkills skill bundle for Weibo management and image generation contains critical shell injection vulnerabilities. Multiple scripts (`src/approve_post.js`, `src/force_login.js`, `src/login.js`, `src/request_publish.js`) use `child_process.execSync` to execute other internal skills, passing user-controlled inputs (such as `chat_id` and `content`) directly as shell arguments without proper sanitization. This flaw could allow an attacker to achieve Remote Code Execution (RCE) by crafting malicious input. While the `SKILL.md` demonstrates security awareness by explicitly warning against prompt injection from external sources and enforcing an approval workflow, the code itself introduces severe vulnerabilities. There is no evidence of intentional malicious behavior like data exfiltration to external endpoints or persistence mechanisms, but the RCE risk makes it suspicious.
Capability Assessment
Purpose & Capability
The package contains many Puppeteer-based scripts to login, publish, delete posts and also many unrelated image-generation helpers. However the registry metadata declares no required binaries, no env vars and no primary credential. In reality the code requires Node, Chrome (executablePath is hard-coded to macOS Chrome), a cookies.json session file, and appears to rely on a separate 'feishu-sender' skill. Those runtime needs are not declared, which is inconsistent and disproportionate to the (missing) short description.
Instruction Scope
SKILL.md emphasizes a strict Request->Approve->Execute flow and forbids autonomous publishing or reading comments. But the code executes external commands (child_process.execSync) to call other scripts (skills/feishu-sender/*) and runs external generators via 'uv run ...'. Several generation scripts reference absolute user-local file paths (e.g. /Users/runchen/.openclaw/...), meaning the skill can read local files; the README does not disclose this. The skill also requires a cookies.json containing session cookies (sensitive) but does not enumerate how that file is protected or validated.
Install Mechanism
No install spec is provided even though package.json and package-lock.json are present and the code depends on many npm packages (puppeteer-core, puppeteer-extra, axios, etc.). The absence of an install step is a mismatch: running these scripts will require installing dependencies and a suitable browser binary. The code also invokes external tools via 'uv run', which pulls in other skill code at runtime — this increases the attack surface and is not documented in SKILL.md.
Credentials
The skill declares no required env vars, but uses dotenv and invokes other skills (feishu-sender) that almost certainly need Feishu API credentials; those credentials are not declared. It requires an explicit cookies.json (sensitive auth data) but does not declare that as a required secret. Several generator scripts refer to absolute user file paths, which could cause access to arbitrary local files — that is disproportionate and risky relative to a simple Weibo publishing description.
Persistence & Privilege
The skill is not marked always:true (good), but platform metadata leaves autonomous invocation enabled while SKILL.md forbids any autonomous publishing and requires human approval. That is a behavioral mismatch: nothing in the metadata enforces the safety constraint expressed in SKILL.md, so an agent could call publisher.js directly if misconfigured or maliciously instructed.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: `/install weibo-manager`
- After installation, invoke the skill by name or use `/weibo-manager`
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
weibo-manager 1.0.2
- No code or documentation changes detected in this release.
- All functionality, workflow, and usage remain unchanged.
v1.0.1
weibo-manager 1.0.1
- Added comprehensive documentation (SKILL.md) covering security requirements, publish workflow, command usage, technical notes, and directory structure.
- Clarified mandatory human approval flow: all publishing must strictly follow a Request → Approve → Execute sequence, with no autonomous publishing allowed.
- Specified manual cookie provisioning and security guidelines to avoid prompt injection risks.
- Outlined precise shell command examples for both drafting and executing Weibo posts, including support for image uploads and newline formatting.
- Detailed file organization and pending post handling for easier setup and maintenance.
Frequently Asked Questions
What is Weibo Manager?
Manage Weibo posts via Puppeteer with a secure request-approve-execute workflow for drafting, reviewing, and publishing text and images. It is an AI Agent Skill for Claude Code / OpenClaw, with 1111 downloads so far.
How do I install Weibo Manager?
Run "/install weibo-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Weibo Manager free?
Yes, Weibo Manager is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Weibo Manager support?
Weibo Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Weibo Manager?
It is built and maintained by HMyaoyuan (@hmyaoyuan); the current version is v1.0.2.