Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Create a Deep Research Feishu Doc
v2.0.0飞书深度研究报告生成器。自动执行深度研究并将结果导入为飞书文档。输入研究主题和云空间文件夹token,自动生成结构化研究报告并上传到飞书云空间。用于投资研究、行业分析、竞品调研、技术调研等需要多步骤信息收集和文档化的场景。
⭐ 0· 1.4k·8 current·8 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's stated purpose (create/upload Feishu docs) legitimately requires Feishu app credentials (app_id/app_secret) and access to a folder token. The SKILL.md explicitly depends on reading Feishu appId/appSecret from gateway config and on a folder token, but the skill metadata lists no required env vars, no primary credential, and no required config paths — an internal inconsistency. The omission makes the declared requirements and the actual runtime needs incoherent.
Instruction Scope
The SKILL.md mandates using exec + curl to call Feishu REST APIs and forbids wrappers. It also requires producing and displaying sensitive artifacts (tenant_access_token, file_token, ticket, doc_token) and full polling logs. Requiring explicit printing of short-lived tokens and internal upload tokens increases risk of accidental token leakage in logs or outputs; while showing tokens could be intended for audit, the instructions give the agent broad discretion to create, write, and expose those tokens and intermediate files. The guidance to 'never use' client libraries is unusual but explainable for auditability; combined with explicit token disclosure it elevates risk.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. No external downloads or packages are requested.
Credentials
The SKILL.md needs Feishu appId/appSecret (and requests them from gateway config.get) but metadata declares no required environment variables or config paths and no primary credential; this is a proportionality/manifest mismatch. Additionally, the workflow requires exposing tenant_access_token and other tokens in outputs — these are sensitive credentials. The skill claims only the permissions needed for file upload/import, but the manifest does not list or request them formally, so it is unclear how the platform will grant or audit those credentials.
Persistence & Privilege
always:false (good). The skill can be invoked autonomously (platform default). Autonomous invocation combined with the instruction to create files, call curl repeatedly, and display tokens increases blast radius somewhat, but autonomous invocation alone is normal and not flagged by itself.
What to consider before installing
Before installing: 1) Be aware the SKILL.md will request your Feishu App ID/App Secret (via gateway config) and will instruct the agent to call Feishu APIs directly with curl and to print the resulting tenant_access_token, file_token, doc_token and full polling logs — these are sensitive values that could appear in logs or shared output. 2) The skill metadata does NOT declare these credential or config requirements; ask the publisher to correct the manifest so required credentials/config paths are explicit. 3) If you proceed, restrict the Feishu app's permissions to the minimum (drive file upload & import only) and use an app account with limited scope. 4) Prefer verifying the code or running the skill in an isolated/test tenant first so any printed tokens cannot access production resources. 5) If you cannot verify the publisher or the missing manifest fields, treat this as suspicious and avoid installing in high-privilege environments.Like a lobster shell, security has layers — review code before you run it.
latestvk973b7ntzh84zqp9kgzpzvdjws80srk8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.