wechat-article-downloader

SUSPICIOUS. The core article-downloading behavior matches the stated purpose, but the skill expands into credential capture for bulk account access and routes some operations through a third-party MCP endpoint rather than official WeChat APIs. Provenance signals suggest the repo and domain are related, so this is not confirmed malware, but the combination of credential handling, opaque local tooling, and third-party remote processing makes the skill medium/high risk.