Low risk — risk score 20/100
Last scan: 21 hours ago
wechat-reader
Reads the content of a WeChat Official Account article and returns the title, account name, publish time and body text.
A legitimate WeChat public account article scraping tool using only Python standard library; no malicious behavior confirmed, but contains suspicious hardcoded IP address in User-Agent with no evidence of actual exfiltration.
Skill name: wechat-reader
Analysis time: 37.7s
Engine: pi
Verdict: Can be installed
Acceptable for use as a web scraping utility. The hardcoded IP address (120.0.0.0) should be removed from the User-Agent string to eliminate ambiguity.

Security findings (2)

Finding 1
Severity: Medium
Finding: Suspicious hardcoded IP address in User-Agent (category: data exfiltration)
Location: scripts/read_wechat.py:22
Description: The User-Agent header contains a hardcoded IP address '120.0.0.0', which is in the private IP range (Class A). While the script only makes outgoing requests to user-supplied URLs, this IP address could serve as a tagging mechanism for requests (correlation tracking) or be replaced with a real IP for data exfiltration. No active exfiltration was observed in this analysis.
Evidence: "User-Agent": "Mozilla/5.0 ... Chrome/120.0.0.0 Safari/537.36"
Recommendation: Replace the hardcoded IP in the Chrome version string with a legitimate version number (e.g., Chrome/120.0.0.0 is already a valid format). If the IP is intentional tagging infrastructure, document it or remove it entirely.

Finding 2
Severity: Low
Finding: Undeclared network capability (category: documentation deception)
Location: SKILL.md:1
Description: SKILL.md describes the tool's behavior but does not explicitly declare that the skill makes HTTP network requests. While this is implied by the mp.weixin.qq.com URL handling, an explicit declaration of network:READ would improve transparency.
Evidence: SKILL.md lacks any mention of network permissions
Recommendation: Add a capabilities section to SKILL.md declaring 'network:READ' for fetching WeChat articles.
Permissions

Resource type       Declared   Inferred   Status         Evidence
Network access      NONE       READ       ✓ Consistent   scripts/read_wechat.py:20-24 (urllib.request.Request + urlopen)
Filesystem          NONE       NONE                      No filesystem access detected
Command execution   NONE       NONE                      No subprocess or shell invocation
Indicators: 1 high-risk finding

High-risk IP address (hardcoded IP address): 120.0.0.0
Location: scripts/read_wechat.py:22

Directory structure

2 files · 5.9 KB · 177 lines (Python: 1 file, 139 lines; Markdown: 1 file, 38 lines)
├─ scripts/
│  └─ read_wechat.py    Python, 139 lines, 4.6 KB
└─ SKILL.md             Markdown, 38 lines, 1.3 KB

Security highlights

✓ Uses only Python standard library (urllib.request, re, json, html) — no external dependencies
✓ No credential harvesting or environment variable access
✓ No subprocess or shell command execution
✓ No base64, eval, or obfuscation techniques
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No persistence mechanisms (cron, startup hooks, backdoors)
✓ Requests go only to user-supplied mp.weixin.qq.com URLs
✓ No data exfiltration to external servers observed
✓ Functionality matches stated purpose in SKILL.md