huuuwnnn-droid

WeChat MP Plus

Author: huuuwnnn-droid · GitHub ↗ · v1.0.0 · MIT-0
cross-platform · ⚠ suspicious
Total downloads: 42
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw: /install wechat-mp-plus
Description
Automate WeChat Official Account management with draft publishing, menu editing, auto-reply checking, and Markdown-to-HTML formatting.
Safe usage advice
This skill largely does what it says (WeChat MP management), but there are a few red flags to consider before installing or running it:
- Metadata mismatch: the registry lists no required env vars, but the scripts require WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET. Don't trust the registry entry; provide those credentials only if you intend to connect to your WeChat Official Account.
- Check .secrets behavior: the code will try to read a .secrets/wechat_mp.env file from specific locations (~/openclaw-workspace/.secrets/wechat_mp.env and a relative parent-level .secrets directory). If you keep secrets in a different path, the script may fail or may pick up other files unexpectedly. Ensure no sensitive credentials you don't want used are in those paths.
- Pip auto-install: md2html.py will run pip to install 'markdown' and uses --break-system-packages. Run the scripts in an isolated virtualenv/container (or pre-install required packages) to avoid altering system packages.
- Token cache: the access_token is cached in the system temp directory; if you need stricter controls, remove or relocate that cache.
Recommendations: run in an isolated environment (virtualenv or container), verify/update the registry metadata to declare required env vars, inspect or remove any unexpected .secrets files under the paths the script checks, and consider removing the '--break-system-packages' behavior or preinstalling dependencies yourself.
Capability analysis
Type: OpenClaw Skill
Name: wechat-mp-plus
Version: 1.0.0
The skill bundle is classified as suspicious due to a path traversal vulnerability in scripts/publish.py and scripts/md2html.py, where local image paths extracted from Markdown files are not sanitized before being read and uploaded to the WeChat API (api.weixin.qq.com). This could allow an attacker to exfiltrate sensitive local files by referencing them in a Markdown document. Additionally, scripts/md2html.py uses subprocess to automatically install the 'markdown' library via pip, which is a risky capability for dependency management. While these behaviors are aligned with the stated purpose of automating WeChat article publishing, the lack of path validation presents a meaningful security risk.
Capability assessment
Purpose & Capability
The scripts (wechat_mp.py, publish.py, menu.py, md2html.py) implement the WeChat MP features described (token management, upload, draft creation, menu, markdown→HTML). However, the registry metadata claims no required env vars or credentials while SKILL.md and the code require WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET; this inconsistency should be corrected.
Instruction Scope
SKILL.md limits actions to running the provided scripts and describes the needed env vars or a .secrets file. The runtime behavior follows those instructions. Minor scope concerns: SKILL.md does not document the exact filesystem paths the code will check for a .secrets/wechat_mp.env file (the code looks in specific locations), and the md2html script will attempt to install the 'markdown' package at runtime if missing.
Install Mechanism
There is no install spec (instruction-only), which is low risk, but md2html.py will auto-install the 'markdown' Python package via subprocess. The pip call uses the flag '--break-system-packages', which is aggressive and can alter system-managed Python packages in some environments — this increases risk and should be documented or avoided.
Credentials
The code reasonably requires only two credentials (WECHAT_MP_APP_ID and WECHAT_MP_APP_SECRET) for its WeChat API calls — appropriate for the stated purpose. But the registry metadata claims no required env vars (contradiction). The code also looks for a .secrets/wechat_mp.env in two specific locations (one under the user's home 'openclaw-workspace' and one relative to the script path several directories up), which could cause it to read credential files outside the skill folder; that should be explicit and verified.
Persistence & Privilege
No 'always' privilege. The only persistent write is a token cache file in the system temp directory (wechat_mp_token.json), used to store access_token and expiry; this is reasonable for token caching and scoped to the temp directory.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install wechat-mp-plus
  3. After installation, call the Skill by name directly or trigger it with /wechat-mp-plus
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v1.0.0
v1.0.0: WeChat Official Account automation - draft publishing, menu management, auto-reply lookup, Markdown formatting (3 theme sets)
Metadata
Slug wechat-mp-plus
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Historical versions 1
FAQ

What is WeChat MP Plus?

Automate WeChat Official Account management with draft publishing, menu editing, auto-reply checking, and Markdown-to-HTML formatting. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 42 cumulative downloads so far.

How do I install WeChat MP Plus?

Run the command "/install wechat-mp-plus" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is WeChat MP Plus free?

Yes, WeChat MP Plus is completely free, licensed under MIT-0, and can be freely downloaded, installed and used.

Which platforms does WeChat MP Plus support?

WeChat MP Plus runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed WeChat MP Plus?

Developed and maintained by huuuwnnn-droid (@huuuwnnn-droid); current version v1.0.0.