Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Factory (Walter)
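v2.1.1
Creates a new OpenClaw Agent and automatically configures a Feishu bot. Triggered when the user says "help me create an Agent", "create a new bot", "add a new agent", or "configure a new bot". The user provides: agent name, Feishu appId, appSecret, and role definition. Reports the result when finished.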
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The description (create OpenClaw agent and configure Feishu/Lark bot) aligns with the SKILL.md steps: validate Feishu appId/appSecret, create agent, add account and bindings in ~/.openclaw/openclaw.json, create workspace files, optionally install a clawhub skill, enable channels/tools and restart the gateway. However, the skill metadata declares no required binaries or env vars while the instructions clearly assume presence of openclaw, clawhub, curl/jq (or PowerShell) and access to HOME/USERPROFILE and ~/.openclaw — this mismatch should be corrected or explained by the author.
Instruction Scope
The runtime instructions read and write the user's OpenClaw global config (~/.openclaw/openclaw.json), add persistent Feishu credentials (appSecret) to it, create files in a new agent workspace, install third‑party skills, toggle global channel/tool flags, and restart the gateway. Those operations are coherent with the stated purpose but are high‑impact: they modify global config, persist secrets in plain JSON, and affect other agents via gateway restart.
Install Mechanism
This is instruction‑only (no install spec), so nothing is written by the skill package itself. But the instructions assume external tooling (openclaw, clawhub, curl, jq or PowerShell). The absence of declared required binaries/tools in metadata is an omission that makes automated safety checks unreliable.
Credentials
No environment variables or primary credential are declared in the registry metadata, yet the flow requires the user to supply sensitive Feishu credentials (appId/appSecret) which will be written to ~/.openclaw/openclaw.json. The skill also expects access to HOME/USERPROFILE and may use OPENCLAW_DIR if set. Persisting appSecret in an on‑disk JSON config without discussing encryption or file protections is sensitive and should be justified/mitigated.
Persistence & Privilege
The skill modifies global OpenClaw configuration, adds channel accounts/bindings, enables channel tools, and restarts the gateway — all of which have system‑wide effects on other agents and users. The skill is not 'always:true', but its instructions grant it substantial lasting impact on the host environment.
Scan Findings in Context
[no_regex_findings] expected: The package contains only SKILL.md and _meta.json (instruction‑only). The regex scanner had no code to analyze; absence of findings is expected but not evidence of safety.
What to consider before installing
This skill will run commands that modify your OpenClaw installation and persist the provided Feishu appSecret into ~/.openclaw/openclaw.json, then restart the gateway. Before installing or running it:
1) Confirm you trust the author;
2) Manually review the SKILL.md steps;
3) Ensure openclaw, clawhub, curl/jq (or PowerShell) are installed and understand the commands will run with your user privileges;
4) Back up ~/.openclaw/openclaw.json and verify file permissions (secrets are stored in plain JSON);
5) Prefer to run the script interactively yourself rather than granting an automated agent permission to execute it, or at minimum run in a safe/non‑production environment;
6) If you plan to install a third‑party skill via clawhub, verify the skill name/source first.
The metadata should be updated to declare required binaries and the sensitive nature of persisted credentials — treat the current omission as a red flag.
Like a lobster shell, security has layers — review code before you run it.
latestvk97bfvkn62cq93w988b824zaph84axm1
