← Back to Skills Marketplace
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install weclaw-installer
Description
Automate installing and configuring the WeClaw WeChat bot environment on macOS. Use when the user asks to download/install WeClaw, set up a local Python envi...
Usage Guidance
This skill instructs cloning and running code from an external GitHub repository while the core installer (setup_package.py) is not included in the skill bundle — that makes it impossible to audit what the installer will do. Before installing or running this skill: (1) Inspect the external GitHub repo yourself (especially setup_package.py) and confirm you trust its maintainer. (2) Do not paste your real API key until you understand how it will be used or stored; consider using a test key. (3) Run the installer in an isolated environment (VM/container) or on a throwaway account. (4) Ask the skill author to publish the missing setup_package.py (or include full installer code) and to declare the exact purpose of the API key. If you cannot review the external repository, do not run the skill.
Capability Analysis
Type: OpenClaw Skill
Name: weclaw-installer
Version: 1.0.0
The skill bundle acts as an installer for a WeChat bot that requires high-privilege macOS Accessibility permissions and an API key. It directs the agent to clone an external repository (https://github.com/Popilopi168/weclaw-package-upload-test) and executes logic via scripts/run_setup.py, which uses a brittle path traversal (parents[3]) to import the primary setup code from the workspace root. The combination of requesting sensitive permissions and executing unvetted external code not included in the bundle poses a significant security risk, even if it aligns with the stated purpose of UI automation.
Capability Assessment
Purpose & Capability
The name/description (WeClaw installer) matches the declared requirements (git, uv, python3) and the tasks (clone repo, run installer). However the skill package does not include the actual installer implementation (setup_package.py is referenced but absent), so the package cannot be verified as self-contained.
Instruction Scope
SKILL.md explicitly instructs the agent to clone an external GitHub repository and run a Python entrypoint that imports setup_package.setup_openclaw_package. The included wrapper (scripts/run_setup.py) will execute code from that external repo. The instructions also request an API key interactively. Downloading and executing code from an external, unreviewed repo and passing a user-provided API key to it is outside what can be validated from this skill bundle alone.
Install Mechanism
There is no formal install spec in the skill; instead the runtime instructions require cloning an external GitHub repository (https://github.com/Popilopi168/weclaw-package-upload-test) and executing Python code from it. Running arbitrary code fetched at runtime is higher risk because the executed module (setup_package.py) is not present in the published files for review.
Credentials
The skill declares no required environment variables but its runtime instructions tell the agent to ask the user for an API key (and pass it to the external setup). Asking for a single API key is reasonable for an installer, but the skill metadata does not declare this requirement and the behavior of code that receives the key (setup_package) cannot be audited here.
Persistence & Privilege
always is false and there is no install that persists or modifies other skills/system configs in the provided files. However, because the skill instructs execution of external code, autonomous invocation by the agent (default) would increase risk if the external code is malicious.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install weclaw-installer - After installation, invoke the skill by name or use
/weclaw-installer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of weclaw-installer.
- Automates installing and configuring the WeClaw WeChat bot environment on macOS.
- Checks for required tools: git, uv, and python3.
- Guides users to fix blocked macOS Accessibility permissions and helps with API key setup.
- Provides a setup script (`python3 scripts/run_setup.py`) with CLI flags for API key and macOS permission confirmation.
- Ensures safety by only handling necessary config values, surfacing clear errors, and offering next steps.
Metadata
Frequently Asked Questions
What is Weclaw Installer?
Automate installing and configuring the WeClaw WeChat bot environment on macOS. Use when the user asks to download/install WeClaw, set up a local Python envi... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install Weclaw Installer?
Run "/install weclaw-installer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Weclaw Installer free?
Yes, Weclaw Installer is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Weclaw Installer support?
Weclaw Installer is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin).
Who created Weclaw Installer?
It is built and maintained by Hang Yin (@popilopi168); the current version is v1.0.0.
More Skills