Low Risk — Risk Score 20/100
baoyu-post-to-weibo
Posts text, images, videos, and long-form Markdown articles to Weibo via real Chrome browser (bypasses anti-bot detection).
A legitimate Weibo posting skill with declared browser automation and clipboard access. The only High finding, the "IP address" 138.112.25.25 in vendored markdown code, is a run of SVG path coordinates picked up by the scanner's IPv4 pattern and is never used for network access; the practical hardening items are the unpinned `npx -y bun` fallback and the permissions on the persistent Chrome profile that holds the Weibo session.
Skill Name: baoyu-post-to-weibo
Duration: 97.7s
Engine: pi
Verdict: Safe to install
No code change is needed for the 138.112.25.25 string: it is SVG path data inside vendored code and nothing in the skill contacts it, so verify the context once and suppress the rule for that line. Pin the bun version used by the `npx -y bun` fallback (or require a preinstalled bun), keep the Chrome profile directory readable only by the owning user, and install the skill only from a trusted source.
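Added example, not the scanner's code and not part of the skill: a small TypeScript check that reproduces why a bare four-octet pattern fires on SVG path data and how boundary and context checks separate such hits from a real hardcoded endpoint. The sample lines are constructed to mirror the alert.ts evidence shown in the findings (the inline icon path) and a genuine beacon URL (203.0.113.42 is from the documentation address range); the function names are illustrative.

```typescript
// Pattern of the kind that produced the finding: four dot-separated digit
// groups, with no check of what surrounds them.
const NAIVE_IPV4 = /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/g;

interface Candidate {
  value: string;
  index: number;
  isIpToken: boolean; // passes boundary and octet-range checks
  inSvgPath: boolean; // located inside a <path d="..."> attribute
}

// True when the match is not glued to other digits or dots (as it is in
// ".138.112.25.25.25", a run of SVG coordinates) and every octet is <= 255.
function isIpToken(line: string, m: RegExpExecArray): boolean {
  const before = m.index > 0 ? line[m.index - 1] : "";
  const after = line[m.index + m[0].length] ?? "";
  const boundary = !/[\d.]/.test(before) && !/[\d.]/.test(after);
  const octetsOk = m[0].split(".").every((o) => Number(o) <= 255);
  return boundary && octetsOk;
}

// True when `index` falls between the quotes of an SVG path d="..." attribute.
function insideSvgPathAttr(line: string, index: number): boolean {
  const open = line.lastIndexOf(' d="', index);
  if (open < 0) return false;
  const close = line.indexOf('"', open + 4);
  return close === -1 || close > index;
}

// Run the naive pattern over one source line and annotate every hit.
function scanLine(line: string): Candidate[] {
  const out: Candidate[] = [];
  NAIVE_IPV4.lastIndex = 0;
  let m: RegExpExecArray | null;
  while ((m = NAIVE_IPV4.exec(line)) !== null) {
    out.push({
      value: m[0],
      index: m.index,
      isIpToken: isIpToken(line, m),
      inSvgPath: insideSvgPathAttr(line, m.index),
    });
  }
  return out;
}

// Triage verdict a reviewer can act on.
function verdict(c: Candidate): "svg-path-data" | "numeric-run" | "review-as-ip" {
  if (c.inSvgPath) return "svg-path-data";
  return c.isIpToken ? "review-as-ip" : "numeric-run";
}

// One report line per hit, for a quick pass over a whole file.
function report(lines: string[]): string[] {
  return lines.flatMap((line, n) =>
    scanLine(line).map((c) => `${n + 1}: ${verdict(c)} ${c.value}`),
  );
}

// Constructed sample lines (not the real file contents).
const SAMPLE_SVG_LINE =
  `  { type: "important", icon: '<svg viewBox="0 0 16 16"><path d="M0 1.75C0 .784.784 0 1.75 0h12.5v9.5c0 .138.112.25.25.25h2Z"/></svg>' },`;
const SAMPLE_ENDPOINT_LINE = `const BEACON = "http://203.0.113.42:8080/collect";`;
const SAMPLE_VERSION_LINE = `  "version": "1.2.3.4",`;

console.log(report([SAMPLE_SVG_LINE, SAMPLE_ENDPOINT_LINE, SAMPLE_VERSION_LINE]).join("\n"));
```

The SVG line is classified as path data and the beacon line as a real address to review. The version-string line shows the limit of boundary checks alone: it still comes back as "review-as-ip", so a human still reads the surrounding code before a High is raised.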

Findings 5 items

Severity Finding Location
High
Hardcoded IP address in vendor code (pattern match inside SVG path data)
The scanner's IPv4 pattern matched the string 138.112.25.25 in scripts/vendor/baoyu-md/src/extensions/alert.ts at line 157. The match sits inside the `d` attribute of the inline SVG icon for the `important` alert variant, where it is a run of decimal path coordinates: SVG path syntax writes 0.138 0.112 0.25 0.25 as `.138.112.25.25`, which is where the four dotted groups come from. Nothing in the codebase dereferences the string, and no socket, fetch or URL is built from it, so this is a regex false positive rather than infrastructure fingerprinting or leftover debug data.
type: `important`, icon: `<svg ...><path d="M0 1.75C0 .784.784 0 1.75 0h12...`
→ Treat as a false positive: confirm with `grep -n '138.112.25.25' scripts/vendor/baoyu-md/src/extensions/alert.ts` that the only occurrence is inside a `<path d="...">` attribute, then suppress the rule for that line. Do not edit the path data; replacing coordinates with a domain name would break the icon. A tighter IPv4 pattern that rejects a digit or dot on either side of the match avoids this class of hit.
scripts/vendor/baoyu-md/src/extensions/alert.ts:157
Low
Subprocess execution via `npx -y bun`
The skill spawns `npx -y bun` to run its clipboard scripts (copy-to-clipboard.ts, paste-from-clipboard.ts). `-y` suppresses npx's install prompt, so on a machine without bun this fetches and executes whatever version of the `bun` package the registry serves at that moment, with the user's environment and terminal (`stdio: 'inherit'`). The behaviour is declared in SKILL.md and is a reasonable cross-platform clipboard approach, but an unpinned, auto-installed runtime is a supply-chain exposure.
spawnSync('npx', ['-y', 'bun', scriptPath, ...args], { stdio: 'inherit' })
→ Document that npx and bun must be installed, prefer an already-installed bun on PATH, and pin the fallback to an explicit `bun@<version>` that matches package.json.
scripts/weibo-utils.ts:72
Info
Chrome automation with anti-detection flags
Launches Chrome with `--disable-blink-features=AutomationControlled`, which stops Chrome from exposing the automation signal that sites use to detect driven browsers (`navigator.webdriver` reads `false` instead of `true`). Weibo's anti-bot checks make this necessary for the skill to work, but it is a deliberate suppression of a platform signal, so the automated session looks like an interactive one from the site's side.
extraArgs: ['--disable-blink-features=AutomationControlled', '--start-maximized']
→ No action needed: the flag is required for the Weibo flow and is declared in SKILL.md.
scripts/weibo-utils.ts:101
Info
Chrome profile persistence
The skill stores Weibo session cookies and other login state in a persistent Chrome profile directory (~/.config/baoyu-skills/chrome-profile by default). This avoids repeated logins, but it also makes the directory equivalent to the user's Weibo credentials: anyone who can read it can replay the session without a password.
return path.join(base, appDataDirName, profileDirName)
→ Keep the profile directory readable and writable only by the owning user (mode 0700 on Unix), leave it out of backups and sync that leave the machine, and never point it at a location inside a repository.
scripts/vendor/baoyu-chrome-cdp/src/index.ts:136
Info
EXTEND.md custom config support
The skill reads user-level configuration from EXTEND.md files at project, XDG and user-home paths. The project-level file is the weak point: it lives in whatever directory the skill is run from, so a cloned repository can ship an EXTEND.md that changes settings such as the default Chrome profile without the user noticing, for example redirecting session state to a directory the repository can later read or commit.
EXTEND.md Supports: Default Chrome profile
→ Load EXTEND.md only from locations the user controls, or require explicit opt-in for the project-level file, and validate values before applying them (for a profile path, require it to resolve under the user's home directory).
SKILL.md:7
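Added example, not code from the skill or from the vendored baoyu libraries, showing the three hardening steps from the Low and Info findings above in one place: preferring a bun binary already on PATH over auto-installing through npx (and pinning the package version when npx is used), creating the Chrome profile directory with owner-only permissions, and checking that a profile path supplied by configuration such as EXTEND.md stays under the user's home directory. The version string, the `findOnPath` / `bunRunner` / `ensurePrivateProfileDir` / `checkProfileDir` names and the paths are assumptions for illustration.

```typescript
import { spawnSync } from "node:child_process";
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Hypothetical pinned version; in practice read it from the skill's package.json.
const PINNED_BUN_VERSION = "1.1.0";

interface Runner {
  cmd: string;
  args: string[];
}

// Look for an already-installed binary on PATH. `exists` is injected so the
// lookup can be exercised without touching the real filesystem.
function findOnPath(bin: string, pathEnv: string, exists: (p: string) => boolean): string | null {
  for (const dir of pathEnv.split(path.delimiter)) {
    if (dir === "") continue;
    const candidate = path.join(dir, bin);
    if (exists(candidate)) return candidate;
  }
  return null;
}

// Build spawn arguments for a clipboard script. A local bun is used as-is;
// otherwise npx runs a pinned bun@<version> instead of whatever "bun" resolves
// to on the registry at run time.
function bunRunner(script: string, scriptArgs: string[], localBun: string | null): Runner {
  if (localBun !== null) return { cmd: localBun, args: [script, ...scriptArgs] };
  return { cmd: "npx", args: ["--yes", `bun@${PINNED_BUN_VERSION}`, script, ...scriptArgs] };
}

// Run the script with shell:false so arguments are never re-parsed by a shell.
function runScript(r: Runner): number {
  const res = spawnSync(r.cmd, r.args, { stdio: "inherit", shell: false });
  return res.status ?? 1;
}

// Create the profile directory owner-only (0700) and return the effective
// permission bits. The chmod also tightens a directory that already existed
// with looser bits from an earlier run or a permissive umask.
function ensurePrivateProfileDir(dir: string): number {
  fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
  fs.chmodSync(dir, 0o700);
  return fs.statSync(dir).mode & 0o777;
}

// Accept a configured profile directory (for example from EXTEND.md) only if
// it resolves strictly inside the user's home directory; "~/" is expanded,
// relative paths are resolved against home, and ".." escapes are rejected.
function checkProfileDir(configured: string, homeDir: string): { ok: boolean; resolved: string; reason?: string } {
  const expanded = configured.startsWith("~/") ? path.join(homeDir, configured.slice(2)) : configured;
  const resolved = path.resolve(homeDir, expanded);
  const home = path.resolve(homeDir);
  if (!resolved.startsWith(home + path.sep)) {
    return { ok: false, resolved, reason: "profile dir must stay under the home directory" };
  }
  return { ok: true, resolved };
}

// Stand-alone demonstration with a constructed config value.
function demo(): void {
  const localBun = findOnPath("bun", process.env.PATH ?? "", (p) => fs.existsSync(p));
  const runner = bunRunner("scripts/copy-to-clipboard.ts", ["--from-stdin"], localBun);
  console.log("would run:", runner.cmd, runner.args.join(" "));
  const check = checkProfileDir("~/.config/baoyu-skills/chrome-profile", os.homedir());
  console.log("profile dir check:", check);
  if (check.ok) console.log("mode:", ensurePrivateProfileDir(check.resolved).toString(8));
}
demo();
void runScript;
```

`findOnPath` comes first because a bun the user installed deliberately is the only version they have actually reviewed; the pinned npx fallback is the second choice, and the unpinned `npx -y bun` from the finding is never used.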
Resource | Declared | Inferred | Status | Evidence
Shell | WRITE | WRITE | ✓ Aligned | SKILL.md:1 — '${BUN_X} {baseDir}/scripts/...' subprocess invocation declared
Browser | WRITE | WRITE | ✓ Aligned | SKILL.md — Chrome CDP browser automation declared for Weibo posting
Clipboard | WRITE | WRITE | ✓ Aligned | SKILL.md — copy-to-clipboard.ts and paste-from-clipboard.ts declared as part of …
Filesystem | READ | READ | ✓ Aligned | SKILL.md — reads markdown files, images, videos from user-provided paths
Network | READ | READ | ✓ Aligned | SKILL.md — connects to weibo.com and card.weibo.com for posting
Indicators: 22 findings (1 High, 14 Medium, 7 Info). These are string references found by pattern matching, not observed connections: the single High entry is the SVG path-coordinate run discussed above, most of the Medium URLs are license, documentation, project-homepage or XML-namespace links inside vendored CSS and TypeScript, and the two worth checking for run-time fetches are the highlight.js CDN template in utils/languages.ts and the PlantUML server URL in extensions/plantuml.ts. The email entries appear redacted in this export.

Severity | Type | Value | Location
High | IP Address | 138.112.25.25 | scripts/vendor/baoyu-md/src/extensions/alert.ts:157
Medium | External URL | https://card.weibo.com/article/v3/editor | SKILL.md:104
Medium | External URL | https://gemini.google.com/app | scripts/vendor/baoyu-chrome-cdp/src/index.test.ts:242
Medium | External URL | https://softonit.ru/ | scripts/vendor/baoyu-md/src/code-themes/1c-light.min.css:6
Medium | External URL | https://highlightjs.org/ | scripts/vendor/baoyu-md/src/code-themes/default.min.css:6
Medium | External URL | https://creativecommons.org/licenses/by-sa/4.0 | scripts/vendor/baoyu-md/src/code-themes/nnfx-dark.min.css:6
Medium | External URL | http://www.w3.org/2000/svg | scripts/vendor/baoyu-md/src/constants.ts:79
Medium | External URL | https://marked.js.org/ | scripts/vendor/baoyu-md/src/extensions/alert.ts:23
Medium | External URL | https://groups.google.com/g/mathjax-users/c/zThKffrrCvE?pli=1 | scripts/vendor/baoyu-md/src/extensions/katex.ts:26
Medium | External URL | https://www.plantuml.com/plantuml | scripts/vendor/baoyu-md/src/extensions/plantuml.ts:7
Medium | External URL | https://plantuml.com/text-encoding | scripts/vendor/baoyu-md/src/extensions/plantuml.ts:35
Medium | External URL | https://talk.commonmark.org/t/proper-ruby-text-rb-syntax-support-in-markdown/2279 | scripts/vendor/baoyu-md/src/extensions/ruby.ts:5
Medium | External URL | https://www.w3.org/TR/ruby/ | scripts/vendor/baoyu-md/src/extensions/ruby.ts:6
Medium | External URL | https://cdn-doocs.oss-cn-shenzhen.aliyuncs.com/npm/highlightjs/$ | scripts/vendor/baoyu-md/src/utils/languages.ts:80
Medium | External URL | https://weibo.com/ | scripts/weibo-post.ts:16
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/1c-light.min.css:4
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/agate.min.css:3
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/an-old-hope.min.css:3
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/default.min.css:4
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/felipec.min.css:3
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/nnfx-dark.min.css:4
Info | Email | [email protected] | scripts/vendor/baoyu-md/src/code-themes/tokyo-night-dark.min.css:5

File Tree

118 files · 325.1 KB · 8210 lines
TypeScript: 36 files · 6601 lines; CSS: 78 files · 1408 lines; Markdown: 1 file · 162 lines; JSON: 3 files · 39 lines
├─ 📁 scripts
│ ├─ 📁 vendor
│ │ ├─ 📁 baoyu-chrome-cdp
│ │ │ ├─ 📁 src
│ │ │ │ ├─ 📜 index.test.ts TypeScript 307L · 9.3 KB
│ │ │ │ └─ 📜 index.ts TypeScript 523L · 16.8 KB
│ │ │ └─ 📋 package.json JSON 9L · 140 B
│ │ └─ 📁 baoyu-md
│ │ ├─ 📁 src
│ │ │ ├─ 📁 code-themes
│ │ │ │ ├─ 📄 1c-light.min.css CSS 8L · 1.1 KB
│ │ │ │ ├─ 📄 a11y-dark.min.css CSS 6L · 1.1 KB
│ │ │ │ ├─ 📄 a11y-light.min.css CSS 6L · 1.1 KB
│ │ │ │ ├─ 📄 agate.min.css CSS 19L · 1.3 KB
│ │ │ │ ├─ 📄 an-old-hope.min.css CSS 8L · 961 B
│ │ │ │ ├─ 📄 androidstudio.min.css CSS 1L · 611 B
│ │ │ │ ├─ 📄 arduino-light.min.css CSS 1L · 844 B
│ │ │ │ ├─ 📄 arta.min.css CSS 1L · 673 B
│ │ │ │ ├─ 📄 ascetic.min.css CSS 1L · 454 B
│ │ │ │ ├─ 📄 atom-one-dark-reasonable.min.css CSS 1L · 1.2 KB
│ │ │ │ ├─ 📄 atom-one-dark.min.css CSS 1L · 856 B
│ │ │ │ ├─ 📄 atom-one-light.min.css CSS 1L · 856 B
│ │ │ │ ├─ 📄 brown-paper.min.css CSS 1L · 656 B
│ │ │ │ ├─ 📄 codepen-embed.min.css CSS 1L · 600 B
│ │ │ │ ├─ 📄 color-brewer.min.css CSS 1L · 631 B
│ │ │ │ ├─ 📄 dark.min.css CSS 1L · 625 B
│ │ │ │ ├─ 📄 default.min.css CSS 8L · 1.1 KB
│ │ │ │ ├─ 📄 devibeans.min.css CSS 6L · 1.1 KB
│ │ │ │ ├─ 📄 docco.min.css CSS 1L · 837 B
│ │ │ │ ├─ 📄 far.min.css CSS 1L · 669 B
│ │ │ │ ├─ 📄 felipec.min.css CSS 6L · 1.2 KB
│ │ │ │ ├─ 📄 foundation.min.css CSS 1L · 779 B
│ │ │ │ ├─ 📄 github-dark-dimmed.min.css CSS 8L · 1.2 KB
│ │ │ │ ├─ 📄 github-dark.min.css CSS 9L · 1.3 KB
│ │ │ │ ├─ 📄 github.min.css CSS 9L · 1.3 KB
│ │ │ │ ├─ 📄 gml.min.css CSS 1L · 787 B
│ │ │ │ ├─ 📄 googlecode.min.css CSS 1L · 835 B
│ │ │ │ ├─ 📄 gradient-dark.min.css CSS 1L · 1.1 KB
│ │ │ │ ├─ 📄 gradient-light.min.css CSS 1L · 1.1 KB
│ │ │ │ ├─ 📄 grayscale.min.css CSS 1L · 1.6 KB
│ │ │ │ ├─ 📄 hybrid.min.css CSS 1L · 897 B
│ │ │ │ ├─ 📄 idea.min.css CSS 1L · 906 B
│ │ │ │ ├─ 📄 intellij-light.min.css CSS 1L · 1.0 KB
│ │ │ │ ├─ 📄 ir-black.min.css CSS 1L · 694 B
│ │ │ │ ├─ 📄 isbl-editor-dark.min.css CSS 1L · 971 B
│ │ │ │ ├─ 📄 isbl-editor-light.min.css CSS 1L · 952 B
│ │ │ │ ├─ 📄 kimbie-dark.min.css CSS 1L · 652 B
│ │ │ │ ├─ 📄 kimbie-light.min.css CSS 1L · 652 B
│ │ │ │ ├─ 📄 lightfair.min.css CSS 1L · 831 B
│ │ │ │ ├─ 📄 lioshi.min.css CSS 1L · 715 B
│ │ │ │ ├─ 📄 magula.min.css CSS 1L · 642 B
│ │ │ │ ├─ 📄 mono-blue.min.css CSS 1L · 631 B
│ │ │ │ ├─ 📄 monokai-sublime.min.css CSS 1L · 826 B
│ │ │ │ ├─ 📄 monokai.min.css CSS 1L · 814 B
│ │ │ │ ├─ 📄 night-owl.min.css CSS 1L · 1.4 KB
│ │ │ │ ├─ 📄 nnfx-dark.min.css CSS 9L · 1.4 KB
│ │ │ │ ├─ 📄 nnfx-light.min.css CSS 9L · 1.4 KB
│ │ │ │ ├─ 📄 nord.min.css CSS 1L · 2.6 KB
│ │ │ │ ├─ 📄 obsidian.min.css CSS 1L · 882 B
│ │ │ │ ├─ 📄 panda-syntax-dark.min.css CSS 1L · 1.1 KB
│ │ │ │ ├─ 📄 panda-syntax-light.min.css CSS 1L · 1.0 KB
│ │ │ │ ├─ 📄 paraiso-dark.min.css CSS 1L · 637 B
│ │ │ │ ├─ 📄 paraiso-light.min.css CSS 1L · 637 B
│ │ │ │ ├─ 📄 pojoaque.min.css CSS 1L · 814 B
│ │ │ │ ├─ 📄 purebasic.min.css CSS 1L · 734 B
│ │ │ │ ├─ 📄 qtcreator-dark.min.css CSS 1L · 815 B
│ │ │ │ ├─ 📄 qtcreator-light.min.css CSS 1L · 810 B
│ │ │ │ ├─ 📄 rainbow.min.css CSS 1L · 826 B
│ │ │ │ ├─ 📄 routeros.min.css CSS 1L · 862 B
│ │ │ │ ├─ 📄 school-book.min.css CSS 1L · 664 B
│ │ │ │ ├─ 📄 shades-of-purple.min.css CSS 1L · 854 B
│ │ │ │ ├─ 📄 srcery.min.css CSS 1L · 795 B
│ │ │ │ ├─ 📄 stackoverflow-dark.min.css CSS 12L · 1.2 KB
│ │ │ │ ├─ 📄 stackoverflow-light.min.css CSS 12L · 1.3 KB
│ │ │ │ ├─ 📄 sunburst.min.css CSS 1L · 950 B
│ │ │ │ ├─ 📄 tokyo-night-dark.min.css CSS 7L · 1.2 KB
│ │ │ │ ├─ 📄 tokyo-night-light.min.css CSS 7L · 1.2 KB
│ │ │ │ ├─ 📄 tomorrow-night-blue.min.css CSS 1L · 648 B
│ │ │ │ ├─ 📄 tomorrow-night-bright.min.css CSS 1L · 648 B
│ │ │ │ ├─ 📄 vs.min.css CSS 1L · 640 B
│ │ │ │ ├─ 📄 vs2015.min.css CSS 1L · 1.1 KB
│ │ │ │ ├─ 📄 xcode.min.css CSS 1L · 945 B
│ │ │ │ └─ 📄 xt256.min.css CSS 1L · 765 B
│ │ │ ├─ 📁 extensions
│ │ │ │ ├─ 📜 alert.ts TypeScript 284L · 19.3 KB
│ │ │ │ ├─ 📜 footnotes.ts TypeScript 89L · 2.4 KB
│ │ │ │ ├─ 📜 index.ts TypeScript 10L · 280 B
│ │ │ │ ├─ 📜 infographic.ts TypeScript 119L · 3.6 KB
│ │ │ │ ├─ 📜 katex.ts TypeScript 162L · 4.6 KB
│ │ │ │ ├─ 📜 markup.ts TypeScript 87L · 2.3 KB
│ │ │ │ ├─ 📜 plantuml.ts TypeScript 289L · 8.1 KB
│ │ │ │ ├─ 📜 ruby.ts TypeScript 125L · 3.9 KB
│ │ │ │ ├─ 📜 slider.ts TypeScript 73L · 2.9 KB
│ │ │ │ └─ 📜 toc.ts TypeScript 74L · 2.1 KB
│ │ │ ├─ 📁 themes
│ │ │ │ ├─ 📄 base.css CSS 39L · 816 B
│ │ │ │ ├─ 📄 default.css CSS 434L · 7.7 KB
│ │ │ │ ├─ 📄 grace.css CSS 136L · 2.5 KB
│ │ │ │ ├─ 📄 modern.css CSS 465L · 8.2 KB
│ │ │ │ └─ 📄 simple.css CSS 129L · 2.7 KB
│ │ │ ├─ 📁 utils
│ │ │ │ └─ 📜 languages.ts TypeScript 238L · 8.1 KB
│ │ │ ├─ 📜 cli.ts TypeScript 163L · 5.7 KB
│ │ │ ├─ 📜 constants.ts TypeScript 84L · 3.3 KB
│ │ │ ├─ 📜 content.test.ts TypeScript 93L · 2.3 KB
│ │ │ ├─ 📜 content.ts TypeScript 105L · 3.1 KB
│ │ │ ├─ 📜 document.test.ts TypeScript 140L · 4.3 KB
│ │ │ ├─ 📜 document.ts TypeScript 206L · 6.7 KB
│ │ │ ├─ 📜 extend-config.ts TypeScript 57L · 2.3 KB
│ │ │ ├─ 📜 html-builder.test.ts TypeScript 71L · 2.5 KB
│ │ │ ├─ 📜 html-builder.ts TypeScript 142L · 4.4 KB
│ │ │ ├─ 📜 images.test.ts TypeScript 79L · 2.5 KB
│ │ │ ├─ 📜 images.ts TypeScript 156L · 4.1 KB
│ │ │ ├─ 📜 index.ts TypeScript 10L · 307 B
│ │ │ ├─ 📜 render.ts TypeScript 43L · 1.2 KB
│ │ │ ├─ 📜 renderer.test.ts TypeScript 64L · 2.0 KB
│ │ │ ├─ 📜 renderer.ts TypeScript 442L · 13.3 KB
│ │ │ ├─ 📜 themes.ts TypeScript 62L · 1.8 KB
│ │ │ └─ 📜 types.ts TypeScript 78L · 1.8 KB
│ │ └─ 📋 package.json JSON 21L · 450 B
│ ├─ 📜 copy-to-clipboard.ts TypeScript 380L · 11.9 KB
│ ├─ 📜 md-to-html.ts TypeScript 170L · 4.8 KB
│ ├─ 📋 package.json JSON 9L · 207 B
│ ├─ 📜 paste-from-clipboard.ts TypeScript 194L · 5.5 KB
│ ├─ 📜 weibo-article.ts TypeScript 1072L · 45.9 KB
│ ├─ 📜 weibo-post.ts TypeScript 272L · 9.6 KB
│ └─ 📜 weibo-utils.ts TypeScript 138L · 4.5 KB
└─ 📝 SKILL.md Markdown 162L · 7.5 KB

Dependencies 3 items

Package | Version | Source | Known Vulns | Notes
bun | unpinned | runtime | No | Runtime dependency; `npx -y bun` used as fallback. Version not pinned in package.json, so the fallback installs whatever version the registry serves at run time
baoyu-chrome-cdp | file:./vendor/baoyu-chrome-cdp | local vendor | No | Local vendor library for Chrome CDP automation
baoyu-md | file:./vendor/baoyu-md | local vendor | No | Local vendor library for markdown rendering; contains the string 138.112.25.25 flagged as an IP (SVG path coordinates in extensions/alert.ts, not a network endpoint)

Security Positives

✓ No credential harvesting — skill only accesses environment variables for configuration (WEIBO_BROWSER_CHROME_PATH, BAOYU_CHROME_PROFILE_DIR), not for credential theft
✓ No data exfiltration — the skill's own scripts connect only to Weibo domains (weibo.com, card.weibo.com); the vendored baoyu-md code also carries a highlight.js CDN URL template (utils/languages.ts) and the PlantUML server URL (extensions/plantuml.ts), so confirm those extensions do not fetch remote content for the article paths you use
✓ User-review-required publishing — scripts explicitly leave browser open for manual review before publishing
✓ No base64-encoded commands or eval patterns — all code is readable TypeScript
✓ Subprocess and clipboard access are documented in SKILL.md
✓ Chrome session data stays local — stored in user-specific profile directories
✓ All vendor code (baoyu-chrome-cdp, baoyu-md) appears to be legitimate open-source libraries for markdown rendering and Chrome CDP automation
✓ No curl|bash or wget|sh remote script execution patterns