Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

飞书周报 (Feishu Weekly Report)

v1.0.1

Generates Feishu weekly reports. Work content is collected in two ways: (1) calling the Feishu API to pull chat records for a specified time range, and (2) reading local daily memory logs. After merging the two data sources, the output is organised automatically according to the weekly report template the user specifies. Trigger words: 周报 (weekly report), 工作总结 (work summary), 上周总结 (last week's summary), 本周总结 (this week's summary), 写周报 (write a weekly report), weekly report. Use when: the user needs to generate a weekly report, ...

0 · 471 · 2 current · 2 all-time
by hak1@hakityc
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

[!] Purpose & Capability
The skill legitimately needs Feishu app_id/app_secret and access to local daily memory files to produce reports, and the included script uses those credentials to call the Feishu API. However, the registry metadata lists no required env vars or config paths; the SKILL.md explicitly directs the agent to read ~/.openclaw/openclaw.json for appId/appSecret and to read/write <workspace>/memory/YYYY-MM-DD.md. The declared requirements should reflect these accesses.
[!] Instruction Scope
SKILL.md instructs the agent to: (1) grep the user's ~/.openclaw/openclaw.json for appId/appSecret, (2) take chat_id from inbound context, (3) run the bundled fetch_feishu_messages.sh which downloads chat messages, (4) read local workspace memory files, and (optionally) write daily memory files. Reading a config file for secrets and writing user files are outside the 'generate report' surface unless explicitly disclosed and consented to; the write behavior in particular requires explicit user approval.
Install Mechanism
No install spec (instruction-only plus a small shell script). The script only calls the official Feishu API (open.feishu.cn) and uses curl/python3; there are no external downloads or obscure URLs. This is low-risk from an install/execution standpoint.
[!] Credentials
The skill needs Feishu credentials (app_id/app_secret) but does not declare them in requires.env or primaryEnv; instead it reads them from ~/.openclaw/openclaw.json. It also reads (and optionally writes) workspace memory files. Requesting access to these local secrets/files is proportionate to the stated feature, but the omission from the declared metadata is a red flag and gives the agent access to sensitive tokens without explicit metadata-level disclosure.
Persistence & Privilege
always is false (good). The SKILL.md allows optional automatic writing of daily memory files if the user agrees. Because model/autonomous invocation is enabled by default on the platform, confirm that any automatic writes require explicit user consent and that the skill will not enable writing without it.
What to consider before installing
This skill appears to do what it claims (pull Feishu chat messages and merge with local daily notes) but it reads sensitive local configuration (~/.openclaw/openclaw.json) to obtain app_id/app_secret and accesses <workspace>/memory files — yet the registry metadata does not declare these requirements. Before installing, ask the developer to: (1) explicitly declare required config paths or env vars in the skill metadata, (2) document exactly when and how local files will be read and when writes will occur, and (3) ensure writes only happen after explicit user consent. Practical steps you can take: provide the Feishu credentials in a limited-permission dedicated app rather than using a broad credential, run the skill in a test workspace first, and disable autonomous invocation or decline the optional 'Daily Memory 写入' behavior until you trust the implementation.
