wechat-rpa-bot

No concrete malicious code is shown (it is an installation guide), but it describes security-sensitive behavior: downloading and trusting an unverifiable native executable (service.exe) without integrity verification guidance, and activating it via a remote license flow that likely transmits device machine identifiers to www.yokoagi.com. This creates meaningful supply-chain and privacy/authorization risk that should be addressed by artifact verification (hash/signature), endpoint/data minimization review, and auditing of the referenced startup/SOP steps (especially batch-script generation and service execution).

This fragment is an OpenAPI spec, not executable code. However, it defines a highly privileged local WeChat RPA API with endpoints that can (a) send messages and post Moments including host file uploads via user-supplied absolute paths, (b) perform bulk/scheduled messaging, (c) enable autonomous automation features, (d) sync live contacts, and notably (e) includes an explicitly DANGEROUS auto-configuration endpoint that ‘kills WeChat and injects environment variables/debug ports’. Without seeing the server implementation, there is no direct proof of malware, but the described capabilities and file-path driven actions represent elevated security and abuse risk. Verify strict authorization for X-API-Key, strong path allowlisting/normalization, and confirm /auto_config does not expose debug/injection vectors beyond intended scope.

SUSPICIOUS. The skill’s WeChat automation capabilities largely fit its stated purpose, but it depends on an unverifiable Windows executable and then sends activation credentials into that binary, which triggers a high trust and credential-forwarding concern. Its unattended heartbeat-driven messaging and command flows also create significant real-world action risk.