WeChat Auto Publisher

公众号自动化技能包 - 从选题到写作到发布全流程自动化，热点监控+AI写作+草稿管理。适合自媒体运营者、内容创作者。

What to consider before installing: - Metadata vs reality: The skill registry lists no required env vars, but the README/SKILL.md and code expect DASHSCOPE_API_KEY (百炼/Dashscope LLM) and optionally WECHAT_APP_ID/WECHAT_APP_SECRET for publishing. Treat that as a discrepancy — the skill will need secrets even though the registry doesn't declare them. - Secrets: Only provide an LLM API key with least privilege and usage limits. Do not give production WeChat credentials until you've audited the publish code and tested in a safe account. Consider creating a disposable/test WeChat account and a restricted API key for evaluation. - Install and dependencies: The bundle includes package.json but no installer metadata. You should run npm install in a controlled environment (e.g., disposable VM or container) and inspect installed packages before running. Avoid running npm install as root on critical hosts. - Prompt content and injection: SKILL.md contains system-style prompts and the code sends system/user prompts to the LLM — expected, but also flagged by scanners. Review those prompt templates to ensure they don't attempt to override your agent's system instructions or leak sensitive context. - Automatic publishing: autoPublish is off by default and README notes '自动发布（待实现）'. Do not enable automatic publishing to live accounts until you confirm the publish flow and safety checks; manual review of drafts is recommended. - Network & data: The skill fetches many public endpoints (Weibo, Zhihu, GitHub, Hacker News, 36Kr, Huxiu, Product Hunt, Reddit, TheVerge). That matches its purpose but means it will make outbound network requests. If you run this in a sensitive environment, sandbox it and monitor outbound traffic. - Recommended steps to evaluate safely: 1) Inspect the code locally (especially any 'publish' implementation if later added). 2) Run npm install and execute in an isolated container/VM. 3) Provide a test/limited DASHSCOPE key and a test WeChat account only. 4) Keep autoPublish disabled; verify drafts are generated in drafts/ before any posting. 5) Consider running static analysis or dependency scanning on package.json dependencies. If you need, I can point to the exact lines referencing DASHSCOPE_API_KEY and the WeChat config in the code, or help generate a minimal checklist/commands to safely run this in a sandbox.

Type: OpenClaw Skill Name: wechat-auto-publisher Version: 1.0.1 The skill is classified as suspicious primarily due to a hardcoded absolute file path in `scripts/zhihu-gen.js` (`C:/Users/Administrator/.openclaw/workspace/wechat-auto-publisher/data`). This non-portable path, intended for writing mock data, could lead to unintended file system writes outside the skill's designated directories if the execution environment differs from the assumed Windows path, posing a vulnerability. While the extensive network calls to various news and social media APIs are consistent with the stated purpose of hot topic monitoring, the overall reliance on external data sources and LLM APIs, combined with the file path vulnerability, warrants a 'suspicious' classification rather than 'benign'.