Send messages to WeCom (企业微信) via webhooks using MCP protocol. Works with Claude Code, Claude Desktop, and other MCP clients.
Security Analysis
High confidence. The skill's code and instructions match its stated purpose (sending messages to a WeCom webhook); required secrets are proportionate, and there are no signs of unrelated or covert behavior.
The name/description (WeCom webhook sender) aligns with the code (src/index.ts / dist/index.js) and SKILL.md: the server sends text or markdown to the WECOM_WEBHOOK_URL via axios. The only real credential needed is the webhook URL, which is appropriate for the purpose. Note: registry metadata in the top-level listing reported 'Required env vars: none', but the packaged skill (skill.json and SKILL.md) explicitly requires WECOM_WEBHOOK_URL — a metadata omission/inconsistency to be aware of.
SKILL.md limits runtime behavior to building/installing the skill, setting WECOM_WEBHOOK_URL, and registering the MCP server — it does not instruct reading other system files, credentials, or contacting external endpoints other than the user-supplied webhook. The MCP config example and usage are prescriptive and scoped to the WeCom webhook functionality.
This is instruction-only in the registry but the package includes source and package.json; installation relies on npm (npm install) which will fetch dependencies from the npm registry (axios, @modelcontextprotocol/sdk). There are no downloads from obscure URLs or extract-from-remote steps in the bundle. Using npm is a moderate-risk install vector (standard) — review dependencies and package-lock if you want to be thorough.
The skill requires WECOM_WEBHOOK_URL (and optionally WECOM_TIMEOUT_MS). These variables are appropriate and minimal for sending webhook messages. Important: treat WECOM_WEBHOOK_URL as a secret/credential (it lets whoever holds it post to the target chat).
The skill does not request 'always: true' or other elevated persistence. It does not modify other skills or system-wide configs. Model invocation is allowed (default) — meaning the agent could call this tool autonomously; this is expected for MCP skills but you should be aware it enables sending messages without manual intervention.
Guidance
This skill is internally consistent: it only sends messages to the WeCom webhook you provide. Before installing:
(1) Verify the webhook URL is correct and that you trust the destination — treat WECOM_WEBHOOK_URL as a secret, because anyone with it can post messages.
(2) Note the registry listing omitted the required env var even though skill.json and SKILL.md require it — don't rely solely on the registry summary.
(3) Review src/index.ts (already included) if you want to confirm behavior; it only performs POSTs to the provided webhook using axios.
(4) Because installation runs npm install, check package-lock and dependencies if you have policy constraints.
(5) If you allow autonomous model invocation, remember the agent could send messages automatically; restrict agent permissions or run the skill in an isolated environment if that is a concern.
Finally, the package has no homepage and the owner is not clearly identified — if provenance matters, ask the publisher for more information or prefer a version from a known source.
Latest Release
v1.0.2
- Improved documentation for better clarity and usability.
- Enhanced setup and usage instructions, including environment variable and group chat integration details.
- Updated image links and step-by-step instructions for configuring WeCom webhooks.
- Added a download link for WeCom apps in the reference section.
- Minor edits and clarifications throughout the guide.
Published by @qidu on ClawHub