canghe-post-to-wechat

SUSPICIOUS: overall coherent with a WeChat publishing skill, and the main data flows go to official WeChat services. Risk comes from transitive skill installation, remote Bun installer guidance, plaintext credential storage, and browser automation with profile/clipboard access; these are proportionate but broaden trust and execution scope.