References
Review
Audited by ClawScan on May 10, 2026.
Overview
The advertised security audit is plausible, but the package also contains unrelated scripts that post to chat webhooks and process payment files without being disclosed.
Review this package carefully before installing. The core security audit behavior is understandable, but remove or ignore the unrelated reminder/payment scripts, rotate the exposed WeChat webhook, and only send reports to Feishu after checking that they do not contain sensitive details.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users cannot easily tell whether the reviewed package identity matches the registry listing they intended to install.
The registry metadata identifies this skill as slug "references" with a different owner ID, while the packaged _meta.json names a different slug and owner, creating a provenance/identity mismatch.
"ownerId": "kn7430vg2m3x4kthgg87bfw7bh82kmbh", "slug": "sx-security-audit"
Publish the package with consistent registry and internal metadata, and remove unrelated files before distribution.
If the key is valid, anyone with the skill files could use it to post messages to that WeChat webhook destination.
The bundled script embeds an Enterprise WeChat webhook key that grants message-posting authority, and this credential is not declared or relevant to the security-audit purpose.
curl -X POST "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=5cf9f411-..."
Remove the hardcoded webhook, rotate the exposed key, and require any messaging credentials to be user-provided and clearly documented.
If invoked, private financial or business documents could be read and summarized when the user expected only security auditing behavior.
This unmentioned script processes local payment/billing files and writes summaries/logs, which is outside the stated security-audit scope.
PAYMENT_DIR="${1:-~/payments}" ... for FILE in "$PAYMENT_DIR"/*.{pdf,png,jpg,jpeg,txt,csv,json}
Remove this script from the security-audit skill or split it into a separate, clearly disclosed, user-invoked skill with explicit path approval.
The audit may read metadata about local credentials, secrets, and configuration files.
The intended audit checks inspect sensitive credential-related locations and environment variables; this is purpose-aligned but high-sensitivity.
Scan the current process environment variables for sensitive information ... Check permissions of the .ssh, .aws, .gnupg and OpenClaw directories
Run it only in a trusted environment and review generated reports before sharing them.
Audit results and local security details may leave the machine and be posted to a collaboration service.
The skill can send generated security reports to Feishu via plugin API or webhook; this is disclosed and user-directed, but the report may contain sensitive security findings.
Feishu Webhook (via `--webhook` or the `FEISHU_WEBHOOK_URL` environment variable)
Use only trusted webhooks, avoid sending reports with raw secrets, and review/redact reports before transmission.
