Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ai Interview
v1.0.0 🤖 AI Interview System - a complete AI interview solution. Provides two AI agents, a job seeker and an interviewer, and supports Feishu group-chat interviews plus real-time visual observation.
**Features:**
- 👨💻 job-seeker - AI job seeker (3 years of front-end experience, including micro-frontends)
- 👨💼 recruiter - AI interviewer (asks questions, evaluates candidates)
- 📊...
by jeeban@jeeban-g
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes job-seeker/recruiter agents plus a web viewer; the included server.py implements that by reading OpenClaw agent session files. Reading sessions is coherent with a viewer, but the server also exposes an unauthenticated API that can delete session files — deletion is beyond a simple viewer and should be explicit and justified.
Instruction Scope
Runtime instructions tell the user to run scripts/install.sh and python3 server.py. SKILL.md does not clearly warn that the web viewer will read ~/.openclaw/agents/*/sessions/*.jsonl (sensitive chat history) or that the UI exposes a 'clear' action which causes server.py to delete those files. The instructions grant the skill access to arbitrary agent session content without documenting privacy or auth controls.
Install Mechanism
No network installs or downloads; the packaged install.sh copies local templates and optionally launches the bundled server.py. This local-only install mechanism is low risk in itself.
Credentials
The skill requests no environment variables, which matches the package. SKILL.md asks users to configure Feishu apps and edit ~/.openclaw/openclaw.json (where secrets like appSecret will live); server.py accesses session files containing message contents. Exposing those messages via an unauthenticated HTTP API is a sensitive action and should be explicitly justified and protected.
Persistence & Privilege
The skill does not ask for always:true and doesn't alter other skills, which is good. However, server.py provides endpoints that (1) serve session contents over HTTP with Access-Control-Allow-Origin: * and (2) delete session files via /api/clear without authentication. Those behaviors give the skill effective local-data modification privilege and an unauthenticated attack surface (localhost + permissive CORS), increasing risk.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters detected by the pre-scan. This is not expected for a straightforward README and may indicate an attempt to alter prompt parsing or to inject instructions; it should be reviewed. (No other automated code-scan issues were reported.)
What to consider before installing
This package is mostly what it says: a local web viewer for OpenClaw agent conversations plus templates and an install helper. However, review and consider the following before installing or running the server:
1) server.py reads all session files under ~/.openclaw/agents/*/sessions and will expose their message contents via HTTP; these may contain sensitive conversation data.
2) The API sets Access-Control-Allow-Origin: * and listens on localhost:8091, so local web pages or apps could access it; consider restricting CORS or binding to 127.0.0.1 only.
3) The /api/clear endpoint deletes session files without auth; if you need deletion, require authentication or remove this endpoint.
4) Inspect openclaw.json for stored app secrets (Feishu appSecret) and avoid exposing that file.
5) If you want to use it, run it in a restricted environment (isolated account or VM), back up session files first, or modify server.py to enforce authentication and remove permissive CORS and the unauthenticated delete action.
Finally, examine the detected unicode control characters in SKILL.md and confirm text integrity before trusting automated evaluation steps.
latest: vk978xe6d03vwt3w1k4x6xc6zs5834tkd
Runtime requirements
🤖 Clawdis
