Wechat To Ima

by harven-droid · GitHub ↗ · v0.1.1 · MIT-0
cross-platform · ⚠ suspicious
Downloads: 91 · Stars: 1 · Active Installs: 0 · Versions: 2
Install in OpenClaw
/install wechat-to-ima
Description
Save WeChat Official Account articles into IMA notes with preserved article structure. Use when the user sends an mp.weixin.qq.com link and wants to save, ar...
Usage Guidance
This skill appears to implement its stated purpose, but exercise caution before installing or running it. Things to consider:
  1. The registry metadata omitted required environment variables: you must provide IMA_OPENAPI_CLIENTID and IMA_OPENAPI_APIKEY; verify you trust the destination (ima.qq.com).
  2. The Node extractor executes JavaScript snippets from fetched pages using `new Function`; this can execute code derived from untrusted web content. Run the skill in a sandbox or isolated container and avoid feeding it untrusted or arbitrary URLs.
  3. The Python script will load a local .env file from the skill directory and inject any keys it contains into the environment. Ensure that .env does not contain unrelated or highly privileged secrets.
  4. npm install will pull third-party packages. Review package-lock or run in an environment where installing packages is safe.
If you need higher assurance, ask the maintainer to (a) declare required env vars in registry metadata, (b) avoid executing page JS (or strongly sandbox it), and (c) document .env behavior; or run the tool manually in an isolated environment and review network traffic during an initial test.
Capability Analysis
Type: OpenClaw Skill
Name: wechat-to-ima
Version: 0.1.1
The skill is designed to extract WeChat articles and save them to IMA notes, but it contains a significant security vulnerability. Specifically, `scripts/extract.js` uses `new Function()` multiple times to execute JavaScript code extracted via regular expressions directly from the HTML of the provided URL. This creates a Remote Code Execution (RCE) risk if the agent is directed to a malicious URL designed to mimic a WeChat article. While this pattern is often used in WeChat scrapers to parse obfuscated metadata, it is inherently unsafe. No evidence of intentional malice, such as data exfiltration or backdoors, was found.
Capability Tags
requires-oauth-token, requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The skill's stated purpose (fetch WeChat article → import into IMA) matches the code: the Python script runs an extractor and posts to IMA. However, the registry metadata claims no required environment variables while SKILL.md and the code require IMA_OPENAPI_CLIENTID and IMA_OPENAPI_APIKEY. This mismatch is an inconsistency that should be fixed or clarified.
Instruction Scope
Runtime instructions and code fetch remote WeChat pages and parse them (expected). The Node extractor dynamically evaluates JavaScript found in page <script> blocks via new Function to recover embedded variables — this is risky because it effectively executes code derived from untrusted web pages. The Python wrapper also loads a local .env file (SKILL_DIR/.env) into process environment if present, which can pull secrets from disk into the run context. The skill writes a markdown file to the system temp dir and makes HTTP requests only to WeChat (via extractor) and IMA endpoints (ima.qq.com), which matches the purpose.
Install Mechanism
No formal install spec; SKILL.md instructs running npm install in the skill directory. package.json/package-lock are bundled and dependencies (cheerio, request-promise, etc.) are typical for HTML extraction. This is moderate-risk (you must npm install third-party packages locally) but not unusual for an extractor. Note: cheerio in the lockfile specifies a high minimum Node version.
Credentials
The only external credentials used are IMA_OPENAPI_CLIENTID and IMA_OPENAPI_APIKEY, which are proportional to importing into IMA. The concern is that the registry metadata did not declare these required env vars while SKILL.md and the script do; additionally the script will read a .env file from the skill directory and inject any keys there into the environment if present — that behavior should be documented and considered before use.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide agent settings, and its runtime footprint is limited to creating a temporary markdown file and making outbound HTTP requests to IMA and the article host. Autonomous invocation is allowed but is the platform default.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install wechat-to-ima
  3. After installation, invoke the skill by name or use /wechat-to-ima
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
Preserve code blocks as fenced Markdown when importing WeChat articles into IMA; load local .env for IMA credentials.
v0.1.0
Initial release: save WeChat articles to IMA with inline-image preservation, cover fallback, and readback verification.
Metadata
Slug: wechat-to-ima
Version: 0.1.1
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 2
Frequently Asked Questions

What is Wechat To Ima?

Save WeChat Official Account articles into IMA notes with preserved article structure. Use when the user sends an mp.weixin.qq.com link and wants to save, ar... It is an AI Agent Skill for Claude Code / OpenClaw, with 91 downloads so far.

How do I install Wechat To Ima?

Run "/install wechat-to-ima" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Wechat To Ima free?

Yes, Wechat To Ima is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Wechat To Ima support?

Wechat To Ima is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Wechat To Ima?

It is built and maintained by harven-droid (@harven-droid); the current version is v0.1.1.
