Trusted — Risk Score 5/100
Last scan: 2 days ago
wechat-typeset-pro
WeChat Official Account professional typesetting skill — Markdown to WeChat-compatible inline-style HTML with 30 themes, gallery preview, and optional draft publishing
WeChat public account Markdown formatting tool with fully declared filesystem writes, shell subprocess calls, and WeChat API network access — all necessary and appropriate for its stated purpose.
Skill Name: wechat-typeset-pro
Duration: 35.9s
Engine: pi
Safe to install
Skill is safe to use. No action required.

Findings (3 items)

[Low] Output directory hardcoded in config.json
Location: config.json:3
config.json contains vault_root=/Users/yaohua.liu and output_dir=~/WorkBuddy/wechat-typeset-pro. The vault_root is used to search for Obsidian wiki-link images. This is clearly scoped and appropriate for a content formatting tool.
Evidence: "vault_root": "/Users/yaohua.liu"
→ No action needed. This path is used only for optional image resolution and matches the skill's legitimate purpose.

[Low] config.json marked sensitive by pre-scan
Location: config.json:1
config.json was flagged as sensitive. Review shows it contains only configuration values (paths, theme settings) with empty WeChat credential fields — credentials are correctly loaded from ~/.openclaw/.env. No actual secrets are stored.
Evidence: "wechat": { "app_id": "", "app_secret": "", "author": "" }
→ No action needed. Secrets are not stored in config.json.

[Info] No dependency version pinning
Location: N/A
requirements.txt / package.json absent; dependencies (markdown, requests, dotenv) are imported without pinned versions. This is a supply-chain hygiene issue rather than a security vulnerability.
Evidence: import markdown, requests, dotenv
→ Consider adding a requirements.txt with pinned versions for reproducibility.
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md: scripts/format.py & scripts/publish.py shell commands
Shell | WRITE | WRITE | ✓ Aligned | scripts/publish.py:339 — subprocess.run(format_cmd)
Network | READ | READ | ✓ Aligned | scripts/publish.py:76-241 — WeChat API calls to api.weixin.qq.com
Browser | READ | READ | ✓ Aligned | scripts/format.py — webbrowser.open() for gallery preview
Environment | READ | READ | ✓ Aligned | scripts/publish.py:36-43 — reads WECHAT_APP_ID/SECRET from env
Skill Invoke | WRITE | WRITE | ✓ Aligned | SKILL.md: format.py + publish.py script orchestration
External URLs (4 findings)

Severity | Type | URL | Location
Medium | External URL | https://api.weixin.qq.com/cgi-bin/token | scripts/publish.py:76
Medium | External URL | https://api.weixin.qq.com/cgi-bin/material/add_material | scripts/publish.py:99
Medium | External URL | https://api.weixin.qq.com/cgi-bin/media/uploadimg?access_token= | scripts/publish.py:127
Medium | External URL | https://api.weixin.qq.com/cgi-bin/draft/add?access_token= | scripts/publish.py:241

File Tree

36 files · 359.7 KB · 13211 lines
JSON: 31 files · 10028 lines; Python: 2 files · 2233 lines; HTML: 2 files · 704 lines; Markdown: 1 file · 246 lines
├─ 📁 scripts
│ ├─ 🐍 format.py Python 1763L · 67.9 KB
│ └─ 🐍 publish.py Python 470L · 17.7 KB
├─ 📁 templates
│ ├─ 📄 gallery.html HTML 435L · 10.9 KB
│ └─ 📄 preview.html HTML 269L · 7.0 KB
├─ 📁 themes
│ ├─ 📋 bauhaus.json JSON 351L · 8.7 KB
│ ├─ 📋 bold-blue.json JSON 337L · 8.4 KB
│ ├─ 📋 bold-green.json JSON 337L · 8.4 KB
│ ├─ 📋 bold-navy.json JSON 337L · 8.4 KB
│ ├─ 📋 bytedance.json JSON 345L · 8.9 KB
│ ├─ 📋 chinese.json JSON 339L · 8.4 KB
│ ├─ 📋 coffee-house.json JSON 334L · 8.4 KB
│ ├─ 📋 elegant-blue.json JSON 335L · 8.3 KB
│ ├─ 📋 elegant-green.json JSON 335L · 8.3 KB
│ ├─ 📋 elegant-navy.json JSON 335L · 8.3 KB
│ ├─ 📋 focus-blue.json JSON 335L · 8.5 KB
│ ├─ 📋 focus-gold.json JSON 335L · 8.5 KB
│ ├─ 📋 focus-red.json JSON 335L · 8.5 KB
│ ├─ 📋 github.json JSON 335L · 8.3 KB
│ ├─ 📋 ink.json JSON 328L · 7.7 KB
│ ├─ 📋 lavender-dream.json JSON 333L · 8.4 KB
│ ├─ 📋 magazine.json JSON 332L · 8.3 KB
│ ├─ 📋 midnight.json JSON 340L · 9.0 KB
│ ├─ 📋 minimal-blue.json JSON 319L · 7.5 KB
│ ├─ 📋 minimal-gold.json JSON 319L · 7.5 KB
│ ├─ 📋 minimal-gray.json JSON 319L · 7.5 KB
│ ├─ 📋 minimal-navy.json JSON 319L · 7.5 KB
│ ├─ 📋 minimal-red.json JSON 319L · 7.5 KB
│ ├─ 📋 mint-fresh.json JSON 337L · 8.5 KB
│ ├─ 📋 newspaper.json JSON 340L · 8.3 KB
│ ├─ 📋 sports.json JSON 340L · 8.7 KB
│ ├─ 📋 sspai.json JSON 336L · 8.3 KB
│ ├─ 📋 sunset-amber.json JSON 335L · 8.5 KB
│ ├─ 📋 terracotta.json JSON 334L · 8.1 KB
│ └─ 📋 wechat-native.json JSON 335L · 8.4 KB
├─ 🔑 config.json JSON 18L · 390 B
└─ 📝 SKILL.md Markdown 246L · 7.7 KB

Dependencies (3 items)

Package | Version | Source | Known Vulns | Notes
markdown | * | import | No | No requirements.txt; version not pinned
requests | * | import | No | No requirements.txt; version not pinned
dotenv | * | import | No | No requirements.txt; version not pinned

Security Positives

✓ WeChat credentials are loaded from environment variables (~/.openclaw/.env), not hardcoded in config.json
✓ SKILL.md fully documents all scripts, parameters, and credential requirements
✓ Subprocess calls are explicitly declared as part of the workflow (format.py → publish.py chain)
✓ All network requests go to official WeChat API domain (api.weixin.qq.com) — no third-party exfiltration
✓ No base64/eval/obfuscation patterns found in any Python script
✓ No access to sensitive paths such as ~/.ssh, ~/.aws, .env files
✓ File operations are scoped to user-provided input files and configured output directories
✓ No hidden functionality detected — all HTML containers, callout syntax, and gallery features are documented in SKILL.md