Skill v1.5.0
ClawScan security
Feishu Mood Music · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 10, 2026, 5:41 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's functionality (generate music via MiniMax and send to Feishu) is plausible, but metadata and instructions are inconsistent about the sensitive credentials and binaries it needs and it reads other OpenClaw config — review before installing.
- Guidance: Before installing, verify the following:
  1. The skill will need a MiniMax API key (or mmx-cli credentials) and a Feishu app_id/app_secret — these are not listed in the registry metadata but are required by the scripts; don't provide high-privilege credentials without checking scope.
  2. The send script will fall back to reading $HOME/.openclaw/openclaw.json to find Feishu credentials — review that file for unrelated secrets and consider removing or isolating it.
  3. Prefer creating a Feishu app with minimal scopes (only message send/upload) and use a dedicated, revocable app secret for this skill.
  4. If you run this on a shared host, note the script can detect and invoke local audio players and will write/read /tmp/openclaw files. Test in an isolated environment first.
  5. Confirm mmx-cli is installed from the official source and only grant MiniMax the minimum quota needed.
  6. If you need stronger safety, require manual confirmation before any auto-send (adjust triggers or rate limits) or avoid giving the skill Feishu credentials so it cannot send messages autonomously.
Review Dimensions
- Purpose & Capability (note): The declared purpose (generate mood music and post to Feishu) matches the shipped code: the Python script calls a MiniMax API and the shell script uploads audio to Feishu. However, the registry metadata claims no required environment variables or binaries, while the SKILL.md and scripts clearly require MINIMAX_API_KEY or mmx-cli and FEISHU_APP_ID/FEISHU_APP_SECRET (and optionally an edge-tts binary). The missing declarations are an inconsistency that needs explanation.
- Instruction Scope (concern): Runtime instructions ask the agent to install and use mmx-cli, generate audio, detect local players and potentially play audio locally, then upload/send audio to Feishu. The send script will read FEISHU_APP_ID/FEISHU_APP_SECRET from env or fall back to reading $HOME/.openclaw/openclaw.json — i.e., it reads another OpenClaw config file. Reading that config can expose unrelated credentials. The skill also supports automatic (Level 3) deliveries in group chats, which means it can autonomously send messages when it detects extreme emotion triggers.
- Install Mechanism (ok): There is no automated install spec; this is instruction-only plus two helper scripts. No remote archive downloads or hidden install hooks are present. The only install action suggested is 'npm install -g mmx-cli' (a standard public registry operation), which is reasonable for the described music-generation dependency.
- Credentials (concern): The skill requires access to a MiniMax API key (MINIMAX_API_KEY or mmx-cli auth) and Feishu app credentials (FEISHU_APP_ID / FEISHU_APP_SECRET) to function — both are sensitive and appropriate for the purpose. However, the skill metadata does not declare these required env vars, and the send script will try to read openclaw.json if env vars are missing, potentially exposing other channel credentials. That fallback to reading an on-disk OpenClaw config expands the skill's access beyond its explicit needs.
- Persistence & Privilege (concern): always:false (good) and the skill is user-invocable. But it is designed to autonomously send Feishu audio messages when 'extreme' emotion triggers occur (Level 3), and because it needs Feishu credentials this gives it the capability to send messages without manual confirmation. Combined with the credential-access and config-file fallback, this increases risk if credentials are overprivileged or misconfigured.
