Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Codeflicker
v1.1.1CodeFlicker CLI 编程助手 - 快手员工专用的 AI 代码开发工具,支持更多模型和免费用量
⭐ 0· 422·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the instructions and scripts: the skill is a thin wrapper that calls an external 'flickcli' CLI. It is explicitly targeted at Kuaishou employees and references a corporate npm registry, which is coherent for internal use but unusual for a public registry entry (the skill does not declare this requirement in metadata).
Instruction Scope
Runtime instructions direct the agent to run the third-party flickcli tool (e.g., flickcli -q --cwd ~/work ...). The SKILL.md and included scripts also promote 'approvalMode yolo' (auto-execute) and commands for adding skills and MCP servers (flickcli skill add, mcp add with npx) — these actions can execute arbitrary code or install packages and broaden the attack surface. The instructions permit silent, non-interactive execution in user workspaces; that scope goes beyond mere read-only analysis and can modify files and run shell commands.
Install Mechanism
There is no install spec in the registry bundle (instruction-only), but SKILL.md tells users to set npm_config_registry to https://npm.corp.kuaishou.com and run npm install -g @ks-codeflicker/cli. This is a corporate/private registry requirement (not a public release URL). For internal users this may be fine; for external users it is inaccessible and hides the actual package source from normal public review.
Credentials
The skill does not request environment variables or credentials in metadata. However, it instructs users to perform SSO login (flickcli /login) and to use the user's home workspace (~ /work). The CLI will likely store or require auth tokens locally; that behavior is implicit but not declared. The skill also references logs and the ability to execute commands in local directories, which may access sensitive files if run with broad cwd.
Persistence & Privilege
The skill itself does not request always:true and is user-invocable only, which is appropriate. However, the recommended workflows include enabling auto-execute ('yolo') and adding new skills or MCP servers via the CLI (including using npx to fetch and run packages), which effectively grants the agent the ability to pull and run remote code or auto-execute shell commands in the user's workspace. That combination increases risk if the agent uses the CLI autonomously.
What to consider before installing
This skill is a wrapper around an external, corporate CLI (flickcli). It is coherent if you are a Kuaishou employee on the corporate network and you trust the flickcli package. Before installing or enabling it: (1) confirm you can access and verify the package on the corporate npm registry and review the flickcli source/binary you will install; (2) do NOT enable or set approvalMode to 'yolo' (auto-execute) unless you fully trust the CLI and its configuration — auto-execution can run arbitrary shell commands in your workspace; (3) be cautious about 'skill add' and 'mcp add' (they can pull and run remote code via npm/npx); (4) ensure the CLI authentication (SSO) tokens are stored securely and consider running the tool in a constrained environment (container or isolated workspace) first; (5) if you are not on Kuaishou network or cannot verify the package source, avoid installing — the instructions rely on a private registry and may not be intended for public use.Like a lobster shell, security has layers — review code before you run it.
latestvk97bcb6k0q5hvs6b1bkrwvb009823y7c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.