Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
成长伙伴 - Growth Partner
v1.0.0 Continuously monitors user messages, group-chat @mentions, documents and calendars, proactively surfaces the shape of your work, and delivers analysis summaries and action recommendations to support efficient growth management.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill explicitly describes scanning private messages, group @ messages, Feishu documents, and calendar events (and even cross-week chat history). Those capabilities legitimately require Feishu API credentials and/or platform-injected tokens and likely elevated scopes; yet the skill metadata declares no required environment variables, primary credential, or config paths. Hard-coded user_open_id and chat_ids are present in the instructions but do not substitute for the auth material needed to call Feishu APIs.
Instruction Scope
SKILL.md gives concrete runtime steps to: read all p2p messages, query group messages (including @mentions), search docs, list calendar events, traverse multi-week history, and update local memory files before sending private messages. This is consistent with the advertised goal (continuous, proactive monitoring), but it is extremely broad and invasive: it instructs full-content collection and cross-context aggregation. The instructions also reference local memory files (read/write) and a suggested cron payload — no guardrails about user consent, data retention, or minimum necessary scope are provided.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only. That minimizes filesystem install risk (nothing downloaded or executed by an installer). The main risk comes from the runtime API calls the agent will perform when invoked, not from an install step.
Credentials
The instructions call Feishu API helpers (feishu_im_user_search_messages, feishu_search_doc_wiki, feishu_calendar_event.list) but the registry metadata lists no required env vars or credentials. Requiring zero credentials is disproportionate and inconsistent: Feishu calls need access tokens/app credentials and scopes. The presence of specific user_open_id and chat IDs compounds privacy risk (this skill appears tailored to a named user).
Persistence & Privilege
always:false (not force-installed) and autonomous invocation is allowed (default). The skill suggests running periodically (cron example) and writes to local memory files (insights-journal.md, active-learning-log.md). Periodic autonomous runs combined with broad message access increase the blast radius — this is expected for a continuous assistant, but the combination with the credential mismatch and lack of consent/retention rules is concerning.
What to consider before installing
This skill will read and aggregate private chats, group @ messages, documents, and calendar events — but the package does not declare any Feishu credentials or scopes. Before installing:
(1) confirm how Feishu credentials will be provided (explicit env vars, platform-injected tokens, or none);
(2) require least-privilege tokens and list the exact scopes the skill needs;
(3) verify and limit the time window and history depth it may access;
(4) require explicit user consent and document data retention/erase policies;
(5) test in a sandbox account rather than a real user's account;
(6) consider adding explicit safeguards in SKILL.md (e.g., do not collect message bodies marked private, scrub PII by default).
If the author can show that credentials are provided securely and scopes are minimal and documented, reassess — otherwise do not grant this skill access to real user data.
