v1.1.0

Topic Selection Expert

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:48 AM.

Analysis

The skill mostly matches its topic-monitoring purpose, but it uses Feishu app credentials to write records, and it can run persistently and push messages, even though none of these authorities are declared in the registry metadata.

Guidance

Before installing, decide whether you want automatic Feishu writes, Telegram pushes, and background scheduling. Create a least-privilege Feishu app for only the intended table, keep secrets out of files, run manually first, and enable the daemon only after confirming the configuration and stop procedure.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Note.
run_pipeline.py
url = f"{FEISHU_API}/bitable/v1/apps/{APP_TOKEN}/tables/{TABLE_ID}/records/batch_create" ... httpx.post(url, headers=headers, json={"records": batch}, timeout=30)

The pipeline batch-creates Feishu records for scored topics. This matches the stated workflow, but it is an automated mutation of an external account.

User impact: Running the pipeline can add records to the user's Feishu database without per-record confirmation, and scheduled use could repeat this automatically.
Recommendation: Confirm the target table before running, start with manual runs, and add review/rollback procedures if the table is important.
Rogue Agents
Severity: Low. Confidence: High. Status: Note.
bin/start.sh
nohup python3 -u main.py --daemon >> "$LOG_FILE" 2>&1 &
echo $! > "$PID_FILE"

The start script launches a background daemon and records a PID. This is disclosed and paired with stop/status scripts, but it is persistent behavior.

User impact: If started, the skill may keep running in the background and continue its topic-monitoring workflow until stopped.
Recommendation: Use daemon mode only if scheduled operation is desired, monitor the log/PID file, and use the provided stop script when finished.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Concern.
run_pipeline.py
FEISHU_APP_SECRET = _env("FEISHU_APP_SECRET") ... APP_TOKEN = _env("FEISHU_APP_TOKEN") ... TABLE_ID = _env("FEISHU_TABLE_ID")

The code requires Feishu app credentials and table identifiers, while the registry metadata declares no required env vars or primary credential. This is delegated account authority that should be surfaced clearly.

User impact: A Feishu app secret can obtain a tenant access token and write to the configured Feishu bitable; if the Feishu app is over-scoped, more workspace data may be reachable than the user expects.
Recommendation: Use a least-privilege Feishu app limited to the target bitable/table, store secrets only as environment variables, and update the metadata to declare the required credentials.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low. Confidence: Medium. Status: Note.
SKILL.md
Records the user's accept/abandon preferences and continuously optimizes recommendations

The skill says it records accept/abandon preferences to improve future recommendations, creating persistent recommendation state.

User impact: Past choices or bad topic data could influence future recommendations until the stored state is cleared or corrected.
Recommendation: Keep the local topic database scoped, provide a way to review or clear stored preferences, and avoid treating persisted recommendations as authoritative.