ClawAudit verdict

wechat-miniprogram-toolkit

88
🟢 Trusted
Low risk — reviewed by ClawAudit, behavior matches stated purpose

Comprehensive WeChat mini-program development skill; network_in is for receiving official WeChat payment callbacks, which is the standard and legitimate mini-program integration pattern.

⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.

Scores:
  security: 0
  transparency: 100
  maintenance: 90

Findings (8)

Pattern match (critical): <script> tag in markdown — potential code injection
  references/advanced-render.md · code · <script

Pattern match (high): Pipe to python — executes piped content as Python code
  SKILL.md · prose · downgraded · | Python

Pattern match (high): HTTP request to bare IP address — common in malicious payloads
  references/hardware.md · code · http://192.168.1.1

Pattern match (high): References child_process — can spawn system processes
  references/typescript.md · code · child_process

Pattern match (medium): Opens WebSocket connection
  references/analytics.md · code · WebSocket

Pattern match (medium): POSTs data to external URL
  references/cloudhosting.md · code · .post( 'https://

Pattern match (medium): Accesses sensitive environment variables
  references/cloudhosting.md · code · process.env.WEIXIN_MCH_KEY

Pattern match (medium): Popular HTTP library — network access
  references/cloudhosting.md · code · axios

Why the tier is capped

Execution sink present in raw bytes (Hard Floor: class D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.

Permissions & capabilities

No declared permissions — minimal attack surface.

network_in
