Weixin Connect
Author: EaseLearnAI · v1.0.0 · MIT-0
Total downloads: 1162
Favorites: 0
Current installs: 5
Versions: 1
Install in OpenClaw
/install weixin-connect
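Description
Connects a personal WeChat account (not WeCom / Enterprise WeChat). Use this skill when the user says "connect personal WeChat" (连接个人微信), "access personal WeChat" (接入个人微信), "bind personal WeChat" (绑定个人微信), or "personal WeChat QR scan" (个人微信扫码). Note: if the user says "Enterprise WeChat" (企业微信) or "WeCom" (企微), this skill does not apply; use the wecom-connect skill instead. Once this skill is matched, the flow must be followed strictly to the end, with no skipped steps or improvisation.
Security usage recommendations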
This skill appears to legitimately implement a personal WeChat connect flow, but exercise caution before running it:
(1) Inspect the npm package @tencent-weixin/openclaw-weixin-cli (source repo, publisher, recent releases) before npx executes it — npx runs remote code.
(2) Ask where upload_to_cdn uploads images (which CDN, what account, privacy policy); the SKILL.md forces use of a CDN and forbids alternatives, so QR images (which grant login) could be exposed externally.
(3) Be aware the skill will write bot tokens to ~/.openclaw/openclaw-weixin/*.json and restart the gateway — ensure you trust the destination path and back up anything important.
(4) If you cannot verify the npm package or the CDN, do not run the instructions; request the skill author to provide source code, a trusted install URL (GitHub release), or an option to use a local-only upload method.
(5) Prefer testing in an isolated environment (VM or throwaway account) and validate the installed package contents before allowing it to run in your main account.
Functional analysis
Type: OpenClaw Skill
Name: weixin-connect
Version: 1.0.0
The skill 'weixin-connect' facilitates connecting a personal WeChat account via Tencent's iLink service but contains significant command injection vulnerabilities. In SKILL.md, the instructions direct the agent to fetch data from a remote API (ilinkai.weixin.qq.com) and inject it directly into shell commands and JavaScript files using 'sed' and 'node -e' without any input sanitization. This pattern (specifically in Step 2 and Step 4b) allows for potential code execution if the API response contains malicious characters. While the workflow appears legitimate, the unsafe handling of external data in shell execution poses a high risk.
Capability assessment
Purpose & Capability
Name/description (connect personal WeChat) align with the actual actions: call ilink API for QR code, generate PNG, persist credentials under ~/.openclaw/openclaw-weixin, and restart the OpenClaw gateway. Installing an OpenClaw Weixin plugin and writing bot tokens to the OpenClaw account directory are coherent with the stated purpose.
Instruction Scope
The SKILL.md prescribes exact shell commands including remote API calls, npm/node usage, writing credential files, and restarting the gateway — all within the scope of connecting WeChat. However it mandates using an upload_to_cdn step (no alternative allowed) and explicitly forbids exposing the raw qrcode URL or using other upload methods. That enforced CDN upload plus the lack of detail about what 'upload_to_cdn' does is a potential exfiltration vector. The doc also forbids reading other docs and forbids deviations, which reduces transparency and auditability.
Install Mechanism
The skill is instruction-only (no packaged install), but the runtime instructions call npx to install @tencent-weixin/openclaw-weixin-cli and run npm installs in /tmp and node scripts. npx/npm will fetch and execute remote code at runtime (moderate risk). There is no pinned registry URL or checksum, and upload_to_cdn is an opaque action — the mechanism relies on external packages and unspecified upload behavior.
Credentials
The skill does not request unrelated environment variables or secrets. It does persist ilink_bot_id/bot_token/baseurl/ilink_user_id into files under the user's home directory, which is necessary for operation but means credentials will exist on disk; this is proportionate to the purpose but worth noting.
Persistence & Privilege
The skill does not request 'always' or other elevated policy flags. It writes credential files under ~/.openclaw/openclaw-weixin and restarts the OpenClaw gateway (openclaw gateway restart), which is a privileged action affecting the local agent runtime — appropriate for activation but something the user should consent to and audit.
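How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install weixin-connect
- After installation, call the skill by name or use /weixin-connect to trigger it
- Provide the required input according to the skill's parameter description to get structured output
Version history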
v1.0.0
Initial publish
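FAQ
What is Weixin Connect?
Connects a personal WeChat account (not WeCom / Enterprise WeChat). Use this skill when the user says "connect personal WeChat" (连接个人微信), "access personal WeChat" (接入个人微信), "bind personal WeChat" (绑定个人微信), or "personal WeChat QR scan" (个人微信扫码). Note: if the user says "Enterprise WeChat" (企业微信) or "WeCom" (企微), this skill does not apply; use the wecom-connect skill instead. Once this skill is matched, the flow must be followed strictly to the end, with no skipped steps or improvisation. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1162 cumulative downloads so far.
How do I install Weixin Connect?
Run the command "/install weixin-connect" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.
Is Weixin Connect free?
Yes. Weixin Connect is completely free and is released under the MIT-0 license; it can be freely downloaded, installed and used.
Which platforms does Weixin Connect support?
Weixin Connect is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Weixin Connect?
It is developed and maintained by EaseLearnAI (@easelearnai); the current version is v1.0.0.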