feat(weixin): add trusted iLink channel#2240
Merged
Merged
Conversation
| try { | ||
| const res = await fetch(`${this.baseUrl}/${endpoint}`, { | ||
| method: "POST", | ||
| headers: headers(this.token), |
esengine
approved these changes
May 29, 2026
esengine
left a comment
Owner
There was a problem hiding this comment.
Reviewed the security model — it mirrors the proven Telegram (#2168/#2222) and Feishu (#2185) channels, and the essentials check out:
- Fail-closed access:
decideWeixinAccessgates on owner/allowlist/runtime and ends in{ accept: false, reason: "unauthorized" }— an unconfigured channel rejects everyone. - Authenticated ingress, no forgeable webhook:
/weixin connectdoes QR login and the bot connects outbound to the iLink/OpenClaw API with the token (nocreateServer/inbound endpoint), so there's no public webhook to spoof — the authenticated connection is the trust boundary. - Dispatch gated on
acceptRemoteInputbefore a message reaches the agent (9 call sites). - Token isolation: the sensitive bot token is persisted in the account store, not the main config — good call.
CI green, follows the established channel shape, by the same author as the Telegram work. I didn't deep-audit the iLink/OpenClaw API client itself, but the channel's security contract is sound, which is what matters for a remote tool-driving surface. Merging.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Adds a scoped Weixin remote channel backed by Tencent iLink/OpenClaw bot APIs.
/weixin connectnow runs QR login, persists the sensitive bot token in the Reasonix account store instead of the main config, and wires trusted Weixin messages into the existing slash/confirmation/final-reply path. Manual token setup remains available as/weixin connect manual [token accountId [baseUrl]].Why
Weixin support has come up in multiple places: the broader chat bridge RFC in #410 (comment), the focused Weixin issue in #2237 (comment), and the discussion request in #22 (comment).
This implementation deliberately uses the iLink protocol that Weixin exposes for OpenClaw-style bot access instead of browser automation, unofficial web hooks, or personal-client scraping. That keeps the integration on the intended bot API path and should avoid the account-ban risk associated with automating the normal WeChat client login surface.
How to verify
npm run verify/weixin connectand scan the iLink QR code from WeChat/weixin status/weixin disconnectChecklist
npm run verifypasses locally (lint + typecheck + tests + comment-policy gate)Co-Authored-By: Claudetrailer in commitsCHANGELOG.md— release notes are maintainer-written at release time