Security Audit

wechat

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

wechat received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include User instructed to grant 'Full Disk Access' to terminal.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	User instructed to grant 'Full Disk Access' to terminal The skill's documentation instructs the user to grant 'Full Disk Access' to their terminal application. While this may be necessary for the skill to access WeChat data in restricted directories on macOS, it grants extremely broad permissions to the terminal process. Any script executed by this terminal, including the skill's `wechat.py` script, would then have read/write access to the entire file system. If the `wechat.py` script were compromised or malicious, or if the user runs other untrusted code in the same terminal, this permission could be leveraged for widespread data exfiltration or system modification beyond the scope of WeChat data. Strongly advise users of the significant risks associated with granting 'Full Disk Access' to their terminal. If possible, explore more granular permission models or sandboxing techniques that limit access strictly to the WeChat data directory. Ensure the `wechat.py` script is thoroughly audited and verified to prevent abuse of these elevated privileges. Consider adding a prominent warning about the implications of this permission directly in the skill's documentation.	LLM	SKILL.md:31

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/5e5c4aad22b5aa70.svg)](https://skillshield.io/report/5e5c4aad22b5aa70)