Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

yuqing-bitable-and-label

v2.0.8

Incrementally sync data from XiaoAi API to Feishu Bitable and optionally auto-label records with machine-based type and sentiment annotations.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared inputs (Feishu APP_ID/APP_SECRET, XiaoAi token, bitable_url) match the stated purpose of syncing data to a Feishu Bitable and writing labels. The code implements expected behaviors (fetch from XiaoAi API, write to Feishu bitable, optional labeling). Note: the labeling component optionally uses an OpenAI-compatible gateway if OPENAI_* env vars are provided; that capability is plausible for the stated labeling purpose but is not listed in SKILL.md inputs or permissions.
Instruction Scope (flagged)
The SKILL.md entrypoint runs sync_and_label_skill.py, which follows the declared purpose. However, the labeling runtime can (if OPENAI_API_KEY / OPENAI_BASE_URL / OPENAI_MODEL are set) send record content to an arbitrary OpenAI-compatible endpoint. SKILL.md's network permissions only list Feishu and the default XiaoAi host, so outbound calls to api.openai.com or other gateways are not declared. Additionally, auxiliary scripts (sync.sh, monitor.sh) read/write .env, .cache, and logs, and may modify files in the skill directory (e.g., sed edits of .env), which expands the runtime scope beyond a simple one-shot sync.
Install Mechanism
There is no install spec (instruction-only for platform), and provided files are Python scripts and shell helpers that run in-place. No remote download/install from arbitrary URLs is present, which is lower risk. The package includes several helper scripts and caches but nothing that auto-fetches executable code at install time.
Credentials (flagged)
Required secrets (Feishu APP_ID/APP_SECRET, XiaoAi token) are proportional to the sync/write-to-bitable functionality. However, the code will also use optional environment variables OPENAI_API_KEY / OPENAI_BASE_URL / OPENAI_MODEL (and other LLM config) to call external LLM gateways. Those are not declared in the skill inputs or network permissions; if set, they enable sending user content to arbitrary endpoints. The shell helpers source a .env file from the skill directory (not system-wide) but will mutate it via auto-fix logic — review before use.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It creates local files (.cache, logs, .sync.lock) and may modify files inside its own skill directory (e.g., .env auto-fix), but it does not modify other skills or request system-wide persistent privileges.
What to consider before installing
This skill appears to implement the claimed sync-and-label workflow and requires Feishu app credentials and a XiaoAi token — those are expected. Things to consider before installing:

- Do NOT set OPENAI_API_KEY / OPENAI_BASE_URL / OPENAI_MODEL unless you trust the external LLM gateway: if provided, the skill will send record content to that gateway (default base is api.openai.com), but SKILL.md did not declare network permissions for that. That mismatch can result in unexpected outbound data transfer.
- The skill writes logs, a cache directory, and lock/status files inside its own directory, and the provided shell helpers may edit the local .env (monitor.sh/sync.sh include auto-fix logic). Review any .env you place in the skill directory so it does not contain unrelated secrets.
- If you plan to run this in production, run it in an isolated environment or staging workspace first and inspect the outputs (sync.log, error.log, .sync_status.json). Confirm the run_only network hosts are acceptable.
- If you need labeling without sending data to third-party LLMs, verify that the labeling mode will accept model outputs via stdin (the code supports a stdin/OpenClaw mode) and avoid supplying OPENAI_* env vars.
- If you want to be safer, audit the run_once functions in excel_to_feishu_bitable.py and bitable_labeling_skill.py (they perform HTTP calls and modify bitable fields) to confirm there are no additional unexpected endpoints or behaviors.

Like a lobster shell, security has layers — review code before you run it.
