首页 / 技能 / WeChat File Sender — 微信文件直发

📦 WeChat File Sender — 微信文件直发

v1.0.1

通过 Node.js 与 PowerShell 脚本,在 Windows 端自动化操控微信窗口、剪贴板与键盘,一键把本地文件发给指定好友或群聊,无需手动拖拽,适合批量通知与快速分享。

0· 126·0 当前·0 累计
26048608982lp-ai 头像by @26048608982lp-ai
自动化文件处理生产力工具
下载技能包
最后更新
2026/3/31
0
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
medium confidence
NULL
评估建议
What to consider before installing: - The skill will open WeChat and cause the client to send whatever local file you pass; that is network transmission by WeChat even though the script itself makes no direct network calls. Do not use this on sensitive files unless you intend to send them. - Inspect the included PowerShell (send-file.ps1) yourself before running. The skill runs it with -ExecutionPolicy Bypass; that is needed for operation but also means the script will run even if system policie...
详细分析 ▾
用途与能力
Name/description align with provided files and instructions: the JS + PowerShell use Windows UI Automation, clipboard, and Win32 calls to control the WeChat desktop client. No unrelated credentials, binaries, or packages are requested.
指令范围
The SKILL.md and scripts perform window automation, clipboard manipulation, and will cause the WeChat client to transmit the chosen file to a contact. The skill claims "No network calls, no data exfiltration," which is misleading because sending a file via the user’s WeChat client will transmit that file off the machine. The instructions also require running a bundled PowerShell script with ExecutionPolicy Bypass — appropriate for operation but a notable security vector if the script is modified or misused.
安装机制
Instruction-only skill (no install spec) with included JS and inline PowerShell source. Nothing is downloaded from external URLs during install, so no additional install-related network risk is introduced by the skill itself.
凭证需求
No environment variables, credentials, or config paths are requested. The skill requires local file-system access to whichever absolute path the caller supplies (expected for a file-sender), and it runs PowerShell with -ExecutionPolicy Bypass which is local but worth noting as it allows the included script to run without changing system policy.
持久化与权限
always:false (normal) and the skill does not request system-wide persistence. However, the platform default allows autonomous invocation; combined with the ability to read local files and send them via WeChat, this increases potential for unwanted transmission of sensitive files if the agent is permitted to run the skill without human oversight.
scripts/send-file-to-wechat.js:58
Shell command execution detected (child_process).
安全有层次,运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv1.0.12026/3/31

NULL

可疑

安装命令

点击复制
官方npx clawhub@latest install wechat-file-sender
镜像加速npx clawhub@latest install wechat-file-sender --registry https://cn.longxiaskill.com
数据来源ClawHub ↗ · 中文优化:龙虾技能库