INSP 公司 HR 知识库
WarnAudited by ClawScan on May 18, 2026.
Overview
This skill does not execute code, but it embeds company-internal HR/finance content and a Wi-Fi password, so wider publication could leak sensitive internal information.
Install or enable this only if you are sure it is an authorized internal INSP skill and access is limited to employees. Before broader use, remove or rotate the Wi-Fi password and confirm that the internal HR/finance policies and Feishu source document are approved for distribution through this skill.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Unauthorized people who can view the skill could learn the company Wi-Fi password and potentially access the network if nearby.
The skill includes a direct network access password in static content. If the skill is available outside the intended internal audience, it could expose company network access.
#### 9.1 WiFi 信息 - **WiFi 名称:** inspiring - **密码:** 52inspiring
Remove the Wi-Fi password from the skill, distribute it only through an authenticated internal channel, and rotate the password if this skill was publicly accessible.
Anyone who can install or query the skill may receive internal company HR and finance policy details that were marked as internal-only.
The skill stores company-internal knowledge directly in agent context, including HR processes, reimbursement rules, departure procedures, and finance SOP details. That is purpose-aligned for an internal HR bot, but risky without clear access control or distribution limits.
**📚 文档信息:** - 最后更新:2026-03-16 - 保密级别:公司内部
Restrict the skill to authorized INSP employees, verify publisher authorization, and consider moving internal-only content behind access-controlled retrieval instead of embedding it in a broadly distributed skill.