Wx Echo

自动从微信聊天提取待办、日程和干货，推送到 Discord 论坛，实现任务闭环追踪和管理。

What to consider before installing: - This skill will ask you to compile and run a C program as root (sudo) that scans the WeChat process memory to extract encryption keys. Running any memory-scanning binary as root is powerful and risky — only do it if you understand and trust the code and its origin. - The SKILL.md and prompt templates reference sensitive credentials but the skill metadata does not declare them. In particular: - Discord API examples use Authorization: Bot $DISCORD_BOT_TOKEN. Ensure you provide the bot token only via secure configuration, not by pasting it into a cron string or chat with the agent. The skill does not declare this env var; treat that as a gap. - Cron templates include placeholders for {{ssh_password}} and propose using sshpass. Embedding plaintext SSH passwords into cron jobs is insecure. Prefer SSH keys with passphrases or avoid remote SSH delegation entirely. - The skill will create cron jobs that periodically run decryption + extraction and push results out to Discord. If you enable cron automation, review exactly what commands will be scheduled before agreeing; do not allow the agent to register cron jobs blindly. - Recommended safe steps: 1. Review the full repository yourself (especially find_all_keys_macos.c and decrypt_db.py) and verify its provenance. The skill source is 'unknown' in metadata — prefer known upstream repos. 2. Run the decryption/extraction scripts manually on an isolated/local machine first (do not let the agent run sudo automatically). Confirm outputs and behavior. 3. Do not supply SSH passwords to the agent or embed them in cron. Use SSH keys or run the cron on the machine hosting WeChat. 4. Provide the Discord bot token via your secure OpenClaw/agent secret management (if available) rather than putting it into cron command strings. Confirm which process actually holds/uses the token. 5. If you must enable automation, restrict where the cron runs (local only), lock down file permissions on keys and output files, and monitor for unexpected network activity. - What would change this assessment: clear, trusted source (official GitHub) and explicit metadata declaring required env vars (e.g., DISCORD_BOT_TOKEN) and an explanation of why sudo is needed would reduce ambiguity. Conversely, any evidence of undisclosed network endpoints or exfiltration attempts would raise this to malicious. In short: the skill appears to implement what it claims, but it performs high-privilege local decryption and expects insecure credential handling in its default prompts — proceed only after manual review and tightening of credential/cron handling.

Type: OpenClaw Skill Name: wx-echo Version: 1.0.0 The 'wx-echo' skill bundle is designed to extract and analyze private WeChat messages, which involves high-risk operations. Most notably, it includes a C-based memory scanner (`find_all_keys_macos.c`) that requires `sudo` privileges to scrape encryption keys directly from the WeChat process memory. Additionally, the bundle contains scripts for full and incremental decryption of local SQLCipher databases (`decrypt_db.py`, `refresh_decrypt.py`) to access sensitive chat history. While these actions are aligned with the stated purpose of a personal assistant, the requirement for root-level memory access and the decryption of private communication data represent significant security and privacy risks.