← Back to Skills Marketplace
211
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install unianx-wecomdrive
Description
通过企业微信官方网页端操作微盘、文件夹、在线文档和表格。适用于检查登录状态、抓取并发送扫码二维码、下载或导出文件、在本地处理内容、生成报告后再通过网页端导入回企业微信微盘的场景。
Usage Guidance
What to consider before installing:
- Functionality fit: The code and SKILL.md match the described purpose: it uses Playwright (Node) to open WeCom pages, detect login walls, capture QR images, download exports, and a Python script to generate reports from .xlsx files.
- Missing declarations: The package and metadata declare node/npm but the repo and SKILL.md also use python3 and respect WECOM_DRIVE_BROWSER_PATH — ask the author to add python3 and any required env vars to the metadata so requirements are explicit.
- Persistent data: The skill will create .state (browser profile) and .outputs under the skill directory. Those files can include cookies/session state able to access the user's WeCom account; if you install this skill, treat the .state directory as sensitive and remove it when you no longer need persistent sessions.
- Installation: npm install will fetch playwright-core from the public npm registry (normal but remember npm supply-chain risk). Consider running installation in an isolated environment (container or ephemeral VM) if you are unsure.
- Operational caution: The script captures and saves a login QR image which the operator must forward to the user to complete login — the SKILL.md enforces this. Ensure you trust the skill source because it will be able to maintain and use a logged-in session.
- Recommended actions: request the author to (1) add python3 to required binaries, (2) declare WECOM_DRIVE_BROWSER_PATH in requires.env or documentation, (3) document exactly what .state stores and how to clear it. If you cannot verify the publisher (source is unknown), prefer running in an isolated environment and inspect the .state/.outputs contents before and after use.
Capability Analysis
Type: OpenClaw Skill
Name: unianx-wecomdrive
Version: 0.0.1
The skill bundle provides legitimate browser automation for Enterprise WeChat (WeCom) Drive and Docs. It uses Playwright in `wecom-drive-browser.mjs` to handle login sessions, capture QR codes for the user, and navigate the web interface. A Python script `generate_stutter_report.py` is included to process exported Excel data into HTML and DOCX reports locally. The instructions in `SKILL.md` are transparent, directing the agent to show QR codes to the user and maintain session persistence. No evidence of data exfiltration, malicious obfuscation, or unauthorized network activity was found.
Capability Assessment
Purpose & Capability
Name and description align with the included scripts: a Playwright-based Node script to inspect pages and capture login QR, plus a local Python report generator for Excel exports. However, SKILL.md and metadata declare only node/npm as required binaries while the runtime instructions and README show use of python3 for report generation—this required runtime dependency is not declared.
Instruction Scope
Instructions are focused on the stated task (open WeCom links, detect login, capture QR, download/parse/export files, and upload results). They explicitly direct writing screenshots and JSON into $SKILL_DIR/.outputs and a persistent browser profile under $SKILL_DIR/.state, which is necessary for session persistence but is sensitive because it can contain cookies and tokens. The scripts do not appear to read unrelated host files or call unexpected network endpoints beyond browsing the target web app.
Install Mechanism
This is instruction-first (no install spec). The repo expects running npm install which will fetch playwright-core from the public npm registry (package-lock shows a resolved registry.npmjs.org URL). That is a standard flow but carries the normal npm supply-chain risk. No arbitrary/obscure download URLs or extract-from-untrusted-host operations were found.
Credentials
Declared required env vars: none. But the Node script reads process.env.WECOM_DRIVE_BROWSER_PATH to locate a browser binary (an env var the metadata does not declare). The skill also implicitly requires python3 to run the included report script (not declared). The skill writes persistent browser profile data under .state (cookies/session data) — appropriate for keeping a login session but sensitive. These undeclared requirements and the creation of persistent auth-bearing files are disproportionate to what the metadata explicitly lists and should be made explicit.
Persistence & Privilege
The skill creates and uses a persistent browser profile directory ($SKILL_DIR/.state/chrome-profile) to keep sessions and may keep the browser open (--keep-open). It is not marked always:true and does not force inclusion in every agent run, but it does request persistent local storage of session state which can hold authentication cookies—this is functionally justified but privacy-sensitive.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install unianx-wecomdrive - After installation, invoke the skill by name or use
/unianx-wecomdrive - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.1
支持下载企业微信文档到本地及将本地处理完的文档上传到微盘
Metadata
Frequently Asked Questions
What is wecomdrive?
通过企业微信官方网页端操作微盘、文件夹、在线文档和表格。适用于检查登录状态、抓取并发送扫码二维码、下载或导出文件、在本地处理内容、生成报告后再通过网页端导入回企业微信微盘的场景。 It is an AI Agent Skill for Claude Code / OpenClaw, with 211 downloads so far.
How do I install wecomdrive?
Run "/install unianx-wecomdrive" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is wecomdrive free?
Yes, wecomdrive is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does wecomdrive support?
wecomdrive is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created wecomdrive?
It is built and maintained by Junjian (@junjiantech); the current version is v0.0.1.
More Skills