← 返回 Skills 市场
211
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install unianx-wecomdrive
功能描述
通过企业微信官方网页端操作微盘、文件夹、在线文档和表格。适用于检查登录状态、抓取并发送扫码二维码、下载或导出文件、在本地处理内容、生成报告后再通过网页端导入回企业微信微盘的场景。
安全使用建议
What to consider before installing:
- Functionality fit: The code and SKILL.md match the described purpose: it uses Playwright (Node) to open WeCom pages, detect login walls, capture QR images, download exports, and a Python script to generate reports from .xlsx files.
- Missing declarations: The package and metadata declare node/npm but the repo and SKILL.md also use python3 and respect WECOM_DRIVE_BROWSER_PATH — ask the author to add python3 and any required env vars to the metadata so requirements are explicit.
- Persistent data: The skill will create .state (browser profile) and .outputs under the skill directory. Those files can include cookies/session state able to access the user's WeCom account; if you install this skill, treat the .state directory as sensitive and remove it when you no longer need persistent sessions.
- Installation: npm install will fetch playwright-core from the public npm registry (normal but remember npm supply-chain risk). Consider running installation in an isolated environment (container or ephemeral VM) if you are unsure.
- Operational caution: The script captures and saves a login QR image which the operator must forward to the user to complete login — the SKILL.md enforces this. Ensure you trust the skill source because it will be able to maintain and use a logged-in session.
- Recommended actions: request the author to (1) add python3 to required binaries, (2) declare WECOM_DRIVE_BROWSER_PATH in requires.env or documentation, (3) document exactly what .state stores and how to clear it. If you cannot verify the publisher (source is unknown), prefer running in an isolated environment and inspect the .state/.outputs contents before and after use.
功能分析
Type: OpenClaw Skill
Name: unianx-wecomdrive
Version: 0.0.1
The skill bundle provides legitimate browser automation for Enterprise WeChat (WeCom) Drive and Docs. It uses Playwright in `wecom-drive-browser.mjs` to handle login sessions, capture QR codes for the user, and navigate the web interface. A Python script `generate_stutter_report.py` is included to process exported Excel data into HTML and DOCX reports locally. The instructions in `SKILL.md` are transparent, directing the agent to show QR codes to the user and maintain session persistence. No evidence of data exfiltration, malicious obfuscation, or unauthorized network activity was found.
能力评估
Purpose & Capability
Name and description align with the included scripts: a Playwright-based Node script to inspect pages and capture login QR, plus a local Python report generator for Excel exports. However, SKILL.md and metadata declare only node/npm as required binaries while the runtime instructions and README show use of python3 for report generation—this required runtime dependency is not declared.
Instruction Scope
Instructions are focused on the stated task (open WeCom links, detect login, capture QR, download/parse/export files, and upload results). They explicitly direct writing screenshots and JSON into $SKILL_DIR/.outputs and a persistent browser profile under $SKILL_DIR/.state, which is necessary for session persistence but is sensitive because it can contain cookies and tokens. The scripts do not appear to read unrelated host files or call unexpected network endpoints beyond browsing the target web app.
Install Mechanism
This is instruction-first (no install spec). The repo expects running npm install which will fetch playwright-core from the public npm registry (package-lock shows a resolved registry.npmjs.org URL). That is a standard flow but carries the normal npm supply-chain risk. No arbitrary/obscure download URLs or extract-from-untrusted-host operations were found.
Credentials
Declared required env vars: none. But the Node script reads process.env.WECOM_DRIVE_BROWSER_PATH to locate a browser binary (an env var the metadata does not declare). The skill also implicitly requires python3 to run the included report script (not declared). The skill writes persistent browser profile data under .state (cookies/session data) — appropriate for keeping a login session but sensitive. These undeclared requirements and the creation of persistent auth-bearing files are disproportionate to what the metadata explicitly lists and should be made explicit.
Persistence & Privilege
The skill creates and uses a persistent browser profile directory ($SKILL_DIR/.state/chrome-profile) to keep sessions and may keep the browser open (--keep-open). It is not marked always:true and does not force inclusion in every agent run, but it does request persistent local storage of session state which can hold authentication cookies—this is functionally justified but privacy-sensitive.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install unianx-wecomdrive - 安装完成后,直接呼叫该 Skill 的名称或使用
/unianx-wecomdrive触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.1
支持下载企业微信文档到本地及将本地处理完的文档上传到微盘
元数据
常见问题
wecomdrive 是什么?
通过企业微信官方网页端操作微盘、文件夹、在线文档和表格。适用于检查登录状态、抓取并发送扫码二维码、下载或导出文件、在本地处理内容、生成报告后再通过网页端导入回企业微信微盘的场景。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 211 次。
如何安装 wecomdrive?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install unianx-wecomdrive」即可一键安装,无需额外配置。
wecomdrive 是免费的吗?
是的,wecomdrive 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
wecomdrive 支持哪些平台?
wecomdrive 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 wecomdrive?
由 Junjian(@junjiantech)开发并维护,当前版本 v0.0.1。
推荐 Skills