Security Scan
OpenClaw
Suspicious
Medium confidence. The skill's behavior matches its description (GUI automation to send WeChat messages) but there are small inconsistencies and a meaningful privilege risk: it asks for macOS Accessibility control (noted as for “node”), which grants broad UI control and should be reviewed before granting.
Assessment recommendations
What to consider before installing:
- The scripts do what they claim: control the WeChat GUI using AppleScript/JXA and the clipboard. That requires macOS Accessibility (UI automation) permission for the process that runs the scripts — this is powerful: any process granted that permission can synthesize keystrokes and clicks in other apps.
- Verify who will receive the Accessibility permission. If your OpenClaw gateway runs as a Node process, the README's reference to 'node' may be correct; but i...
Detailed analysis
ℹ Purpose and capabilities
The scripts clearly implement GUI automation to send text and files to WeChat, which matches the skill description. Minor inconsistency: SKILL.md and README ask you to grant macOS Accessibility permission to 'node', but the shipped scripts are bash + osascript/JXA. Granting permission to 'node' may be required by the gateway/runtime, but the package itself does not declare or require Node explicitly.
ℹ Instruction scope
Runtime instructions and the scripts operate only on the WeChat UI: activating WeChat, searching contacts, clicking the input field, setting the clipboard, and sending Enter. They do not call external network endpoints, nor read arbitrary system files (the image script reads only the provided file path). They do use the clipboard (the message and file are placed on clipboard) and compute click coordinates from window bounds; this can misaddress messages if the search returns unexpected results.
✓ Installation mechanism
Instruction-only with embedded scripts and no installation/download steps. No external packages or network pulls are performed during install. Low install-surface risk.
⚠ Credential requirements
No API keys or config files are requested (good). However, the skill explicitly requires granting macOS Accessibility permission to 'node' (or the runtime), which is a high-privilege request: Accessibility access allows controlling other apps and synthesizing input system-wide. This is functionally required for GUI automation but is a broad privilege and should be granted only to a trusted process/user.
ℹ Persistence and privileges
The skill does not request permanent 'always' inclusion and does not modify other skills. The main privilege concern is the need for macOS Accessibility (a system-level permission) granted to whatever runtime executes the scripts — this is not persistence in the registry sense but is a powerful system-level capability.
Security is layered; review the code before running it.
Runtime dependencies
🖥️ OS: macOS
Version
latest v1.0.0 2026/3/16
- Initial release of WeChat message sending automation for macOS.
- Send text messages and images/files to individual WeChat contacts by controlling the WeChat desktop app’s UI.
- Uses AppleScript and JXA to automate contact search, message pasting, and sending.
- Requires WeChat for Mac, Accessibility permissions, and the app window to be open.
- Does not support reading messages, group management, or use as a chat channel.
● Suspicious
Install command
Official: npx clawhub@latest install wechat-message-sender
Mirror (accelerated): npx clawhub@latest install wechat-message-sender --registry https://cn.longxiaskill.com (mirror syncing)