WeChat MP Plus
by huuuwnnn-droid · v1.0.0 · MIT-0
Downloads: 42 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install wechat-mp-plus
Description
Automate WeChat Official Account management with draft publishing, menu editing, auto-reply checking, and Markdown-to-HTML formatting.
Usage Guidance
This skill largely does what it says (WeChat MP management), but there are a few red flags to consider before installing or running it:
- Metadata mismatch: the registry lists no required env vars, but the scripts require WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET. Don't trust the registry entry — provide those credentials only if you intend to connect to your WeChat Official Account.
- Check .secrets behavior: the code will try to read a .secrets/wechat_mp.env file from specific locations (~/openclaw-workspace/.secrets/wechat_mp.env and a relative parent-level .secrets directory). If you keep secrets in a different path, the script may fail or may pick up other files unexpectedly. Ensure no sensitive credentials you don't want used are in those paths.
- Pip auto-install: md2html.py will run pip to install 'markdown' and uses --break-system-packages. Run the scripts in an isolated virtualenv/container (or pre-install required packages) to avoid altering system packages.
- Token cache: the access_token is cached in the system temp directory; if you need stricter controls, remove or relocate that cache.
Recommendations: run in an isolated environment (virtualenv or container), verify/update the registry metadata to declare required env vars, inspect or remove any unexpected .secrets files under the paths the script checks, and consider removing the '--break-system-packages' behavior or preinstalling dependencies yourself.
Capability Analysis
Type: OpenClaw Skill
Name: wechat-mp-plus
Version: 1.0.0
The skill bundle is classified as suspicious due to a path traversal vulnerability in scripts/publish.py and scripts/md2html.py, where local image paths extracted from Markdown files are not sanitized before being read and uploaded to the WeChat API (api.weixin.qq.com). This could allow an attacker to exfiltrate sensitive local files by referencing them in a Markdown document. Additionally, scripts/md2html.py uses subprocess to automatically install the 'markdown' library via pip, which is a risky capability for dependency management. While these behaviors are aligned with the stated purpose of automating WeChat article publishing, the lack of path validation presents a meaningful security risk.
Capability Assessment
Purpose & Capability
The scripts (wechat_mp.py, publish.py, menu.py, md2html.py) implement WeChat MP features described (token management, upload, draft creation, menu, markdown→HTML). However the registry metadata claims no required env vars or credentials while SKILL.md and the code require WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET — this is an inconsistency that should be corrected.
Instruction Scope
SKILL.md limits actions to running the provided scripts and describes needed env vars or a .secrets file. The runtime behavior follows those instructions. Minor scope concerns: the SKILL.md does not document the exact filesystem paths the code will check for a .secrets/wechat_mp.env file (the code looks in specific locations), and the md2html script will attempt to install the 'markdown' package at runtime if missing.
Install Mechanism
There is no install spec (instruction-only), which is low risk, but md2html.py will auto-install the 'markdown' Python package via subprocess. The pip call uses the flag '--break-system-packages', which is aggressive and can alter system-managed Python packages in some environments — this increases risk and should be documented or avoided.
Credentials
The code reasonably requires only two credentials (WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET) for its WeChat API calls — appropriate for the stated purpose. But the registry metadata claims no required env vars (contradiction). The code also looks for a .secrets/wechat_mp.env in two specific locations (one under the user's home 'openclaw-workspace' and one relative to the script path several directories up), which could cause it to read credential files outside the skill folder; that should be explicit and verified.
Persistence & Privilege
No 'always' privilege. The only persistent write is a token cache file in the system temp directory (wechat_mp_token.json), used to store access_token and expiry; this is reasonable for token caching and scoped to the temp directory.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install wechat-mp-plus
- After installation, invoke the skill by name or use /wechat-mp-plus
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0: WeChat Official Account automation - draft publishing, menu management, auto-reply lookup, Markdown formatting (3 themes)
Frequently Asked Questions
What is WeChat MP Plus?
Automate WeChat Official Account management with draft publishing, menu editing, auto-reply checking, and Markdown-to-HTML formatting. It is an AI Agent Skill for Claude Code / OpenClaw, with 42 downloads so far.
How do I install WeChat MP Plus?
Run "/install wechat-mp-plus" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is WeChat MP Plus free?
Yes, WeChat MP Plus is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does WeChat MP Plus support?
WeChat MP Plus is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created WeChat MP Plus?
It is built and maintained by huuuwnnn-droid (@huuuwnnn-droid); the current version is v1.0.0.