Skill v0.1.0

ClawScan security

article-idea-capture · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Mar 13, 2026, 7:00 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose (capture article ideas) is plausible, but its runtime instructions reference a specific Feishu document and a hard-coded local user path while declaring no tools, credentials, or config — this mismatch could cause unexpected writes or require implicit credentials.
Guidance
This skill is plausibly doing what it says (saving and expanding article ideas) but the runtime instructions assume access to a specific Feishu doc and a hard-coded local path while declaring no credentials or tools. Before installing or enabling it:
1) Confirm whether your agent environment has a Feishu integration and whether that Feishu doc URL belongs to you — do not provide Feishu credentials unless you trust the skill source.
2) Ask the skill author to declare required tools/credentials (or make Feishu optional/configurable) and to avoid hard-coded absolute paths; request a configurable workspace path instead.
3) If you do not want writes to your filesystem, ensure the agent is prevented from using the fallback local path or update the fallback to a safe, user-controlled workspace.
These steps will reduce the risk of unexpected data writes or accidental disclosure of credentials.

Review Dimensions

Purpose & Capability
note: The stated purpose (capture and expand article ideas) matches the instructions for creating concise idea cards and expanding them. However, the SKILL.md expects appending to a specific Feishu doc URL (primary sink) even though the skill metadata declares no required tools, credentials, or environment variables — a capability mismatch.
Instruction Scope
concern: Instructions tell the agent to append to a specific Feishu doc URL or, if unavailable, to a local absolute path (/Users/shiyi/.openclaw/workspace/research/article-idea-pool.md). That requires write access to local filesystem and/or Feishu API access. The skill does not explain how to authenticate to Feishu, nor does it make the fallback path configurable; hardcoded user-home paths can lead to unexpected access attempts on the host.
Install Mechanism
ok: There is no install spec and no code files (instruction-only). This minimizes on-disk installation risk.
Credentials
concern: No environment variables or credentials are declared, yet the skill expects to write to a Feishu document (external service) — implicitly requiring Feishu credentials or an authenticated tool. Also, the hard-coded local path targets a specific user directory (shiyi) which may not match the current environment and could cause accidental writes outside an expected workspace.
Persistence & Privilege
ok: always is false and the skill is user-invocable only; it does not request elevated or persistent platform privileges. No evidence it modifies other skills or system-wide configs.