Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feima Lab Content Manager
v1.5.0 Write feima-lab blog posts, create feima-lab articles, and convert plain text / natural language / existing .md documents into MDX articles in the feima-lab blog style, with pixel-accurate reproduction of 8 custom components (Callout/CodeTabs/Collapse/CompareCard/Timeline/ImageCarousel/Playg...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw verdict: Suspicious (high confidence)
Purpose & Capability
The code and SKILL.md clearly implement a feima-lab article authoring + remote publish workflow (local render, image-localize, meta.json management, and a set of api scripts that call fenxiang-ai-brain endpoints). The requested network calls, file I/O, and one API key (FX_AI_API_KEY) are coherent with the described purpose. However the skill registry metadata lists no required env vars or config paths while the runtime docs and code do require/consume them (see environment_proportionality).
Instruction Scope
SKILL.md instructs the agent to read and write local files (posts/<slug>/article.mdx, meta.json, MEMORY.md), localize images (download or copy into posts/<slug>/images/), and optionally call remote API scripts. All of these are within the stated purpose. The skill explicitly warns not to persist the API key and describes error handling/flow control. It will read/write MEMORY.md for author defaults and will write meta.json and preview files — this is expected for a content manager.
Install Mechanism
No install spec (instruction-only with bundled scripts). The renderer is pre-bundled (scripts/render.mjs). There are no network download installers, no brew/npm installs, and no extraction from arbitrary URLs — this is low-risk and consistent with the 'zero npm deps' claim.
Credentials
The SKILL.md and scripts require an FX_AI_API_KEY (internal-type) and optionally accept FX_AI_BASE_URL, and they read/write MEMORY.md; yet the registry metadata lists 'Required env vars: none' and 'Required config paths: none'. That's an inconsistency: the skill will fail for remote operations without FX_AI_API_KEY, and it will read/write the agent's MEMORY.md by design. The FX_AI_API_KEY is proportionate to the remote publish capability, but the omission from registry metadata is misleading and worth flagging.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It will write files under the working posts/<slug>/ directory (meta.json, preview.html, images/) and will create/modify MEMORY.md entries for author defaults — this is normal for a content-authoring skill but you should be aware it will persist metadata locally. Autonomous invocation is allowed by default (not itself a red flag) but combined with file writes and network access it increases the blast radius if misused.
What to consider before installing
This skill appears to implement the described feima-lab authoring + publish features and includes the scripts that perform those actions. Before installing or using it:
- Expect local file reads/writes: the skill will read/write posts/<slug>/article.mdx, meta.json, preview.html and will read/write MEMORY.md for defaults; make sure you are comfortable with that directory being modified.
- FX_AI_API_KEY is required for any remote API calls (save/publish/list). The SKILL.md requires an internal-type key; do not hand the skill other secrets. The registry metadata incorrectly omits this requirement — treat FX_AI_API_KEY as mandatory for remote operations.
- If you only want local rendering/image-localization, do not set FX_AI_API_KEY and use the scripts locally; the skill supports offline preview with no remote calls.
- Review the bundled scripts (they are included) and the default API_BASE_URL (https://api-ai-brain.fenxianglife.com/...) before providing any API keys. If you need to change FX_AI_BASE_URL, be cautious — pointing it at an untrusted endpoint would send your article content and uploaded images there.
- If you are concerned about privacy, run the scripts in an isolated environment (container or VM), and avoid giving an internal API key to third-party or untrusted skills. Ask the skill author/maintainer to update the registry metadata to declare FX_AI_API_KEY and the fact that the skill reads/writes MEMORY.md and posts/ paths for clarity.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results for context-aware analysis before installing.
- scripts/api/_lib.mjs:29: Environment variable access combined with network send.
- scripts/render.mjs:15334: Potential obfuscated payload detected.
- scripts/api/_lib.mjs:25: File read combined with network send (possible exfiltration).
- scripts/image-localize.mjs:7: File read combined with network send (possible exfiltration).
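As an added example (not code from this page, the feima-lab skill, or ClawHub), the JavaScript below, chosen because the skill's bundled scripts are .mjs files, shows two of the checks a reviewer would want before installing: a reimplementation of the co-occurrence heuristic behind the "environment variable access / file read combined with network send" flags, which makes clear that such a hit only means a read and a send exist in the same file (a save/publish script necessarily has both, so the hit is a place to read rather than a verdict), and an allowlist check for FX_AI_BASE_URL that refuses non-HTTPS or unexpected hosts before any key is supplied. A long-literal/eval check stands in for the "obfuscated payload" heuristic; a pre-bundled renderer such as render.mjs will often trigger that kind of check simply because it is a large minified bundle. The regex patterns, function names, sample source and allowlist (seeded only with the default host named on this page) are assumptions made for the demo.

```javascript
// Added example for this page, not code from the feima-lab skill or ClawHub: a small
// pre-install review helper in JavaScript to match the skill's bundled .mjs scripts.
// Part 1 reproduces the co-occurrence heuristic behind the "env access + network send" and
// "file read + network send" flags, plus a crude obfuscation check.
// Part 2 validates FX_AI_BASE_URL against a host allowlist before any key is supplied.
// The regexes, names, allowlist and sample source are assumptions made for the demo.

const ENV_ACCESS_RE = /process\.env\.([A-Z0-9_]+)/g;                          // reads of process.env.NAME
const FILE_READ_RE = /\b(readFileSync|readFile|createReadStream)\s*\(/g;      // common fs read calls
const NET_SEND_RE = /\b(fetch|https?\.request|axios\.(post|put|get))\s*\(/g;  // outbound HTTP calls
const LONG_BLOB_RE = /["'`][A-Za-z0-9+\/=]{200,}["'`]/g;                       // long base64-looking literal
const EVAL_RE = /\b(eval|new Function)\s*\(/g;                                // dynamic code execution

// 1-based line number of a character offset in src.
function lineOf(src, offset) {
  return src.slice(0, offset).split("\n").length;
}

// Every match of a global regex, with the line it occurs on.
function findAll(src, re) {
  return [...src.matchAll(re)].map((m) => ({ text: m[0], line: lineOf(src, m.index) }));
}

// Scan one file's source text and return scanner-style findings ({ loc: "file:line", reason }).
// The co-occurrence rule fires only when the same file also contains a network send:
// a file read or env access on its own is not flagged.
function scanSource(file, src) {
  const findings = [];
  const sends = findAll(src, NET_SEND_RE);
  if (sends.length > 0) {
    for (const hit of findAll(src, ENV_ACCESS_RE)) {
      findings.push({ loc: `${file}:${hit.line}`, reason: "Environment variable access combined with network send." });
    }
    for (const hit of findAll(src, FILE_READ_RE)) {
      findings.push({ loc: `${file}:${hit.line}`, reason: "File read combined with network send (possible exfiltration)." });
    }
  }
  for (const hit of [...findAll(src, LONG_BLOB_RE), ...findAll(src, EVAL_RE)]) {
    findings.push({ loc: `${file}:${hit.line}`, reason: "Potential obfuscated payload detected." });
  }
  return findings;
}

// Hosts that FX_AI_BASE_URL may point at. Only the default endpoint named on the page is listed;
// anything else would receive article content and uploaded images, so it is refused.
const ALLOWED_API_HOSTS = ["api-ai-brain.fenxianglife.com"];

// Pre-flight check for the base URL: must parse, must be https:, host must be allowlisted.
function checkBaseUrl(value, allowedHosts = ALLOWED_API_HOSTS) {
  let url;
  try {
    url = new URL(value);
  } catch {
    return { ok: false, reason: "FX_AI_BASE_URL is not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme ${url.protocol} is not https:` };
  }
  if (!allowedHosts.includes(url.hostname)) {
    return { ok: false, reason: `host ${url.hostname} is not in the allowlist` };
  }
  return { ok: true, reason: "" };
}

// Constructed sample source (not the skill's real scripts): reads an env var and a local
// article, then POSTs them, which is exactly the shape the scanner flags.
const SAMPLE_SOURCE = [
  'import fs from "node:fs";',
  'const key = process.env.FX_AI_API_KEY;',
  'const body = fs.readFileSync("posts/demo/article.mdx", "utf8");',
  'await fetch("https://example.invalid/save", { method: "POST", headers: { Authorization: key }, body });',
].join("\n");

// Demo when run directly: two co-occurrence findings (lines 2 and 3), no obfuscation hits,
// and a base-URL verdict for whatever FX_AI_BASE_URL is set to (default host if unset).
const demoFindings = scanSource("scripts/api/sample.mjs", SAMPLE_SOURCE);
for (const f of demoFindings) console.log(`${f.loc}  ${f.reason}`);
console.log(checkBaseUrl(process.env.FX_AI_BASE_URL || "https://api-ai-brain.fenxianglife.com/"));
```

Run scanSource over the text of each file under scripts/ and read every location it reports; a file that reads posts/ and sends to the API will always appear, so the question for the reviewer is where the bytes go, which is what checkBaseUrl pins down before FX_AI_API_KEY is exported.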
Version: latest (vk974twc4dz06hncsydqfvn4p4184scy7)
