Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Knowledge Auto-Precipitation Engine

v0.1.3

Daily Knowledge Precipitation Engine (Knowledge Auto-Precipitation Engine, KAPE). Runs automatically: download yesterday's Get笔记 content → combine it with the conversation history → analyze the user's learning, reflections and work status in depth → generate a daily briefing with a key-point summary → archive it to Get笔记 (with tags) + the Feishu knowledge base (wiki) + a Feishu document. Trigger phrases: "Organize yesterday's log...

0 · 112 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared purpose (aggregate Get笔记 content and conversation history, then sync them to Feishu) matches the tools and API calls described in SKILL.md (sessions_list/history, the Get笔记 API, feishu_wiki/feishu_doc). However, the skill embeds user-specific assumptions (a hardcoded folder_token, member_id and app_id) and expects credentials to be stored in openclaw.json, even though the registry metadata declares no env vars or config paths; this inconsistency should be raised with the author.
Instruction Scope
SKILL.md instructs the agent to: read session history (sensitive), call external APIs, run shell commands (exec + curl) to obtain tenant tokens, use exec + cat to read local files under workspace/vocabulary, create directories and write a local file under /Users/openclawer/.openclaw/workspace, and parse/transform memory paths. These actions access local files and secrets and reach external endpoints; several referenced files/credentials are not declared, and a hardcoded filesystem path and folder token are used — scope and data access are broader than the registry metadata indicates.
Install Mechanism
No install spec (instruction-only) and the single JS file is inert (only logs). This is low install risk because nothing is downloaded or written by an installer. The primary risk comes from the runtime instructions, not an installation step.
Credentials
The skill expects multiple secrets/config entries (Get笔记 apiKey and GETNOTE_CLIENT_ID, Feishu app_secret for tenant_access_token, plus a specific folder_token and member_id) stored in openclaw.json, yet the registry metadata lists no required env vars/config paths or primary credential. Hardcoded folder_token and member_id embedded in the doc are unnecessary for a general skill and may point to assumptions about a particular user's org — this is disproportionate and should be justified or removed.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It does request access to conversation sessions (sessions_list/sessions_history) which is expected for a summarization tool but is sensitive. It also writes a local file under a specific user path and pushes documents to external services (Get笔记/Feishu). Those are reasonable for its purpose but the hardcoded paths/tokens and undeclared secret access increase risk.
What to consider before installing
This skill broadly does what it says (collect yesterday's notes and conversations, analyze them, and sync to Get笔记 and Feishu), but there are several red flags you should resolve before installing:
1) The SKILL.md expects credentials (Get笔记 apiKey/GETNOTE_CLIENT_ID and Feishu app_secret) stored in openclaw.json, yet the skill metadata declares no required env or config. Confirm where and how secrets are stored and that the skill will only use the specific credentials you intend.
2) The file includes a hardcoded Feishu folder_token and member_id and a hardcoded local path (/Users/openclawer/...). Ask the author to remove or parameterize these so the skill won't act on someone else's folder or require a specific username.
3) The skill uses exec + curl to obtain tokens and set permissions, and will read session history and local files (workspace/vocabulary). If you install it, ensure you trust the skill and that it only has access to the accounts/folders you expect.
4) Prefer that the author declare required env vars/config paths in the skill metadata and avoid embedding organization-specific tokens.
If you cannot get these clarifications, treat the skill as risky and do not grant it access to production credentials or sensitive conversation history.


Tags: auto-precipitation, getnote, knowledge-management, latest, personal-workspace
