Skill v1.0.0

ClawScan security

Daily Market Insight · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Feb 24, 2026, 6:14 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated purpose (collect news → analyze → post a Feishu doc) is plausible, but its runtime instructions reference tools, local paths, and actions that are not declared in the metadata (notably an external CLI 'opencode', git usage, and writing into a home workspace), so the package is internally inconsistent and needs clarification before installing.
Guidance
Before installing, get answers to these questions:
1) Where does 'opencode sisyphus' come from? Confirm whether 'opencode' is a platform-provided tool or a third-party CLI; ask for its homepage/source and an install spec. Running unknown CLIs can execute arbitrary code.
2) Will the agent have Feishu credentials? The skill will create docs and post messages to a Feishu group; ensure you understand which account/group will be used and that credentials/permissions are appropriate.
3) The SKILL.md instructs creating a git repo and writing files under ~/.openclaw/workspace/…; confirm you're comfortable with the skill creating persistent files there (and review what data will be stored).
4) Ask the publisher for a homepage or source repository and for an install manifest that declares required binaries and any required environment variables.
5) If you want to test, run it in a sandboxed account/environment with limited Feishu permissions and inspect the files it creates.
Because the instructions include running an external CLI and persisting data, treat this as potentially risky until the missing details are provided.

Review Dimensions

Purpose & Capability
concern: The skill says it will collect web news, run analysis, and push a Feishu document, which matches the declared openclaw requires: web_search, web_fetch, feishu_doc. However, the SKILL.md additionally instructs running an external CLI ('opencode run --agent sisyphus') and initializing a git repo; neither 'opencode' nor git is listed as a required binary or provided by an install spec. The SKILL.md also specifies local workspace paths for storage (~/.openclaw/workspace/...), but 'required config paths' is empty. These gaps are inconsistent with the stated purpose.
Instruction Scope
concern: Instructions tell the agent to: perform web searches and fetches (expected), execute 'opencode' with an agent name (executes arbitrary analysis code), run 'git init' in the target directory, and write reports/logs to a specific home-directory path. The use of an external CLI to perform analysis (without declaring or providing it) and the explicit file system write locations expand the skill's scope beyond a simple web->report flow and could execute or persist code/data unexpectedly.
Install Mechanism
note: There is no install spec (instruction-only), which is lowest risk in principle. But the SKILL.md's reliance on 'opencode' and git implies external binaries must be present; the absence of declared required binaries or an install step is an inconsistency: either the skill expects platform-provided tools or it will fail/attempt to run unknown binaries.
Credentials
concern: The skill pushes content to Feishu (feishu_doc) but declares no env vars or credentials. If the platform supplies Feishu credentials transparently, that may be OK; otherwise the skill omits required secrets. It also writes to ~/.openclaw/workspace/... (access to the user's home), which is a form of persistent storage not declared as a required config path. The skill does not request unrelated credentials, but it does require write access and an external CLI that may require network or tokens; these are not documented.
Persistence & Privilege
note: always:false (good). The metadata contains a cron schedule ('0 10 * * *'), so the skill is intended to run daily at 10:00 automatically. The skill will create files and a git repo under the user's workspace path and keep logs; that persistent disk presence is expected for a report generator but should be noted. There is no indication it modifies other skills or agent-wide settings.