Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AP Daily Report
v1.0.0Generate and deliver a daily Agentic Payment news briefing covering Visa dynamics, China/APAC market, competitor protocols, and regulatory updates for Visa G...
⭐ 0· 47·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's actions (read previous reports, create a markdown file in an Obsidian vault, render to PDF, and push to WeChat) are coherent with the declared purpose of generating and delivering a daily report. However, the SKILL.md contains a hardcoded absolute Obsidian path (/Users/juncai/...), a hardcoded WeChat recipient and accountId, and the _meta.json ownerId differs from the registry ownerId — these are user-specific items that make the skill appear tailored for a particular person's environment rather than a generic, shareable skill.
Instruction Scope
The runtime instructions explicitly tell the agent to read and write files under a specific user's Obsidian vault path and to send a PDF to a specific external WeChat account. Reading/writing the user's local vault is within the stated purpose but is sensitive: it accesses local documents and will transmit the generated PDF externally. The instructions also assume a 'message' tool exists and that the agent has credentials to push to that WeChat account (these credentials are not declared or scoped in the skill), which expands the real-world side-effects beyond simple local formatting.
Install Mechanism
There is no install spec (instruction-only), but the included script (convert-ap-report.mjs) invokes external tools via execSync: it expects Node to be present and attempts to use 'md-to-pdf' and falls back to launching puppeteer. The skill declares no required binaries or packages, so there's a mismatch between declared requirements (none) and actual runtime dependencies (node, md-to-pdf, puppeteer and their transitive dependencies). That mismatch could cause failures or surprise the user when the agent attempts to install/execute missing tooling.
Credentials
requires.env lists no credentials, but the skill will transmit content to a hardcoded external WeChat target and accountId. The skill relies on the agent environment's messaging tool and its credentials without declaring or scoping them. While sending the report is part of the purpose, the lack of clear credential declarations and the presence of hardcoded external targets increases risk of unintended data exfiltration if the skill is reused in a different environment.
Persistence & Privilege
The skill is not marked always:true and does not request permanent system-wide privileges. It suggests setting up a cron job but does not itself contain an install script that modifies system cron or other agent configs. Autonomous invocation is allowed (platform default), which is expected for a scheduled report skill; this combination is reasonable but the user should be aware that the skill's cron instructions enable repeated automated reads and external sends.
What to consider before installing
This skill appears to do what it says, but exercise caution before installing. Key points:
- It reads and writes files in a hardcoded Obsidian path (/Users/juncai/...). If that path does not belong to you, update the path before running or decline installation.
- It will send the generated PDF to a hardcoded WeChat recipient and accountId. Confirm you trust that recipient and change the target if needed.
- The bundled script expects Node and external renderers (md-to-pdf and/or puppeteer) but the skill declares no required binaries; ensure your runtime has Node and those packages installed or the PDF step will fail.
- The metadata shows an owner mismatch between registry and _meta.json — ask the publisher who maintains this skill and why the IDs differ before trusting it.
- If you plan to enable scheduled/autonomous runs (cron), remember this will repeatedly read local vault files and transmit reports externally; review and sanitize any sensitive content before enabling.
If you decide to use this skill: update/remove hardcoded paths/recipient, install Node/md-to-pdf/puppeteer in a controlled environment, and test once manually to confirm behavior before enabling automated runs.scripts/convert-ap-report.mjs:147
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97d9xyeqvenj83av8h0am3k9583x6nz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.