
Security News
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
dataagent-claw
Advanced tools
基于 @tencent-weixin/openclaw-weixin 源码里的微信协议,做了一个最小桥接器:
ilink/bot/getupdatesWEIXIN_TOKEN,并重新弹出微信扫码二维码POST /api/agent:chat SSE 接口ilink/bot/sendmessage 回消息复制 .env.example 为 .env,填入:
DATAAGENT_BASE_URLDATAAGENT_TOKENDATAAGENT_SESSION_IDDATAAGENT_SPACEDATAAGENT_AGENTWEIXIN_TOKEN 只作为运行期写回的凭据缓存。程序每次启动都会先清空它,然后在终端打印二维码,扫码成功后再写回 .env。
如果你的 DataAgent 接口依赖后台会话上下文,需要把浏览器里实际使用的 sessionId 填到 DATAAGENT_SESSION_ID。当前实现会按你给的完整 curl 一样发送:
sessionIdattachments: []x-authenticatorx-hostnamex-localex-rolex-spacesx-spaces-viewx-timezonex-with-acl-metaOriginReferer日志默认写入 .data/logs/dataagent-claw.log,也可以通过 LOG_FILE 覆盖。
首次使用可以先初始化当前目录配置:
npx dataagent-claw init
初始化后编辑当前目录下的 .env,再启动:
npx dataagent-claw
每次启动流程:
WEIXIN_TOKEN桥接器会把微信长轮询游标保存到 .data/weixin-sync-buf.json。
agent:chat 的请求和响应日志会持久化到 .data/logs/dataagent-claw.log。
发布到 npm 后,其他用户无需源码即可在任意目录直接运行:
npx dataagent-claw init
npx dataagent-claw
发布命令:
npm publish
如果包名已被占用,先把 package.json 里的 name 改成你自己的 npm 包名或作用域包名。
/clear 时清空该微信用户的历史对话上下文,并返回确认消息https://ilinkai.weixin.qq.compino 记录运行日志,并持久化 agent:chat 调用详情FAQs
A minimal Weixin bridge for DataAgent, runnable via npx.
We found that dataagent-claw demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.