Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Content System Feishu Bitable Sync
v1.0.0
Sync a local `wechat-report` result into Feishu Bitable after the user has reviewed the report and confirmed the sync.
⭐ 0· 47·1 current·1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The code and SKILL.md match the stated purpose (reading local wechat-report JSON/MD and writing rows to Feishu Bitable). The required Feishu credentials (app id/secret, app token, table id) are appropriate for this integration. However, the registry metadata supplied with the skill declares no required environment variables and no primary credential, which is inconsistent with both the runtime and SKILL.md.
Instruction Scope
The runtime follows the documented flow: read the provided input file (markdown or JSON), optionally resolve a Raw JSON path referenced inside the markdown, obtain tenant/user tokens, and upsert records into Feishu. One behaviour deserves attention: resolve_raw_payload_path accepts an absolute path parsed from the markdown and reads it without confining it to the workspace. A malicious or mistaken markdown input can therefore make the skill read an arbitrary local file named on the Raw JSON line, and the parsed contents of that file then feed the Feishu upsert. The skill also reads and writes token cache files and its outputs under content-production/published, as documented; these are within the stated scope but should be noted.
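As an added example (not the skill's own code; the scan does not reproduce runtime.py, so the resolver below is a hypothetical reconstruction of the behaviour it describes), here is the flagged pattern next to a hardened version that confines the referenced file to the workspace. The exact `Raw JSON:` line syntax, the helper names, the workspace layout and the sample markdown are assumptions made for illustration.

```python
from __future__ import annotations

import os
import re
import tempfile
from pathlib import Path

# Constructed sample inputs (not taken from any real wechat-report output).
TRUSTED_MD = "# Weekly report\nRaw JSON: data/raw.json\n\nSummary follows.\n"
HOSTILE_MD = "# Weekly report\nRaw JSON: /etc/passwd\n"
TRAVERSAL_MD = "# Weekly report\nRaw JSON: ../../etc/passwd\n"

# Assumed line format: "Raw JSON:" followed by a path, optional surrounding spaces.
RAW_JSON_RE = re.compile(r"^Raw JSON:\s*(.+?)\s*$", re.MULTILINE)


def extract_raw_json_ref(markdown: str) -> str | None:
    """Return the path text after 'Raw JSON:' or None when the line is absent."""
    m = RAW_JSON_RE.search(markdown)
    return m.group(1) if m else None


def resolve_raw_payload_path_unsafe(markdown: str, md_path: str) -> str | None:
    """Reconstruction of the flagged behaviour (hypothetical): an absolute path
    taken from the markdown is used verbatim, a relative one is joined to the
    markdown's directory. Nothing stops '/etc/passwd' or '../' escapes."""
    ref = extract_raw_json_ref(markdown)
    if ref is None:
        return None
    if os.path.isabs(ref):
        return ref
    return os.path.join(os.path.dirname(md_path), ref)


def resolve_raw_payload_path_safe(markdown: str, md_path: str, workspace: str) -> str | None:
    """Hardened variant: accept only a relative .json reference that still lies
    inside `workspace` after '..' segments and symlinks have been resolved."""
    ref = extract_raw_json_ref(markdown)
    if ref is None:
        return None
    rel = Path(ref)
    if rel.is_absolute():
        raise ValueError(f"absolute Raw JSON path rejected: {ref}")
    if rel.suffix.lower() != ".json":
        raise ValueError(f"Raw JSON reference must name a .json file: {ref}")
    root = Path(workspace).resolve()
    candidate = (Path(md_path).parent / rel).resolve()  # collapses '..' and symlinks
    if not candidate.is_relative_to(root):
        raise ValueError(f"Raw JSON path escapes the workspace: {ref}")
    return str(candidate)


def demo() -> dict:
    """Run both resolvers over the constructed inputs inside a scratch workspace."""
    out: dict = {}
    with tempfile.TemporaryDirectory() as tmp:
        ws = str(Path(tmp).resolve())
        md = os.path.join(ws, "weekly.md")  # the report lives at the workspace root
        out["workspace"] = ws
        out["unsafe_hostile"] = resolve_raw_payload_path_unsafe(HOSTILE_MD, md)
        out["safe_trusted"] = resolve_raw_payload_path_safe(TRUSTED_MD, md, ws)
        out["no_ref"] = resolve_raw_payload_path_safe("# no raw payload\n", md, ws)
        for name, text in (("absolute", HOSTILE_MD), ("traversal", TRAVERSAL_MD)):
            try:
                resolve_raw_payload_path_safe(text, md, ws)
                out[name] = "accepted"
            except ValueError:
                out[name] = "rejected"
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The hardened resolver rejects every absolute reference, even one that happens to point inside the workspace; a report generator that needs to reference its own raw payload can always do so relatively, and refusing absolute paths outright removes the easiest way to smuggle a path like the one in the hostile sample past a reviewer.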
Install Mechanism
This is instruction + runtime code only; there is no install spec that downloads arbitrary artifacts. No network install URLs or package downloads are present in the bundle, so install risk is low.
Credentials
The runtime (and SKILL.md/README) require FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_BITABLE_APP_TOKEN, and FEISHU_BITABLE_TABLE_ID, which are proportionate for Feishu Bitable access. The concern is that the skill's registry metadata lists 'Required env vars: none' and 'Primary credential: none', which is incorrect and misleading: users may install without realizing they must provide sensitive app secrets. The runtime also uses cached user tokens (token cache files), which may contain sensitive tokens and should be stored and handled securely.
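As an added example (not the skill's code; the feishu_auth helper is not in the bundle and its cache layout is unknown), here is the startup check and cache handling a reviewer would want to see in a skill that needs these secrets: fail before any network call if one of the four documented variables is unset, create the token cache owner-only, and refuse to load a cache that other local users can read. The cache file name, its JSON layout and the sample token values are assumptions.

```python
from __future__ import annotations

import json
import os
import stat
import tempfile

# The four variables the runtime and SKILL.md require; the registry metadata
# wrongly lists none, so the skill itself has to enforce them.
REQUIRED_ENV = (
    "FEISHU_APP_ID",
    "FEISHU_APP_SECRET",
    "FEISHU_BITABLE_APP_TOKEN",
    "FEISHU_BITABLE_TABLE_ID",
)


def check_required_env(env: dict) -> list[str]:
    """Return the required variables that are unset or empty, in declaration order."""
    return [name for name in REQUIRED_ENV if not env.get(name)]


def write_token_cache(path: str, tokens: dict) -> None:
    """Persist tokens so that only the owner can read them.

    The mode passed to O_CREAT only applies when the file is created, so an
    existing cache (possibly left world-readable by an older version) is
    tightened with fchmod before any token is written into it."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.fchmod(fd, 0o600)
    except OSError:
        os.close(fd)
        raise
    with os.fdopen(fd, "w") as f:  # takes ownership of fd and closes it
        json.dump(tokens, f)


def read_token_cache(path: str) -> dict:
    """Load the cache, refusing a file that group or others can access."""
    st = os.stat(path)
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(
            f"{path} is accessible to other users ({stat.filemode(st.st_mode)}); "
            "chmod 600 it, or delete it and re-authenticate"
        )
    with open(path, encoding="utf-8") as f:
        return json.load(f)


def demo() -> dict:
    """Exercise the env check and the cache round trip in a scratch directory."""
    out: dict = {}
    # Constructed environments: one incomplete, one complete.
    out["missing"] = check_required_env({"FEISHU_APP_ID": "cli_example", "FEISHU_APP_SECRET": ""})
    out["complete"] = check_required_env({name: "x" for name in REQUIRED_ENV})
    with tempfile.TemporaryDirectory() as tmp:
        cache = os.path.join(tmp, "feishu_tokens.json")  # assumed file name
        write_token_cache(cache, {"tenant_access_token": "t-constructed", "expires_at": 0})
        out["mode"] = oct(os.stat(cache).st_mode & 0o777)
        out["roundtrip"] = read_token_cache(cache)["tenant_access_token"]
        os.chmod(cache, 0o644)  # simulate a cache loosened by another process
        try:
            read_token_cache(cache)
            out["loose_cache"] = "accepted"
        except PermissionError:
            out["loose_cache"] = "rejected"
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Refusing a loose cache rather than silently tightening it is deliberate: if the file was readable by others, the tokens in it may already have been copied, and the user should re-authenticate instead of continuing with possibly leaked credentials.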
Persistence & Privilege
Flags show always=false and the skill does not request persistent platform privileges. It writes only to its own outputs (published CSV/MD) and token cache; there is no evidence it alters other skills or global agent settings.
What to consider before installing
This skill appears to legitimately sync local wechat-report data to Feishu Bitable, but note: (1) the package metadata wrongly omits required environment variables; you must set FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_BITABLE_APP_TOKEN, and FEISHU_BITABLE_TABLE_ID before running; (2) the skill follows a 'Raw JSON:<path>' line in the input markdown and will read that path from disk even when it is absolute, so only run it on trusted input in an isolated workspace; (3) it obtains and caches user/tenant tokens locally, so protect those cache files; and (4) if you need higher assurance, review the feishu_auth helper module (not included here) and inspect runtime.py end-to-end. If any of these are unacceptable, do not install or run the skill until the metadata and documentation are corrected and you have audited its token handling.
Like a lobster shell, security has layers — review code before you run it.
latestvk977cdzjx981etexwg8t0b4ged84cy07
