v1.1.1

Codeflicker

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:15 AM.

Analysis

This is a coherent CodeFlicker coding-assistant integration, but it deserves review because it can delegate development tasks to an SSO-authenticated external CLI and documents a global auto-execute mode.

GuidanceInstall this only if you trust the official Kuaishou CodeFlicker CLI and are using an approved corporate environment. Prefer default approval mode over yolo, restrict --cwd to a safe workspace or worktree, avoid entering secrets, and review generated changes before merging or running them in important repositories.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

When OpenClaw needs to perform development tasks ... `flickcli -q --cwd ~/work "开发任务描述"` ... `flickcli config set -g approvalMode yolo` ... `yolo` - auto execute

The skill directs OpenClaw to delegate development tasks to flickcli in quiet mode and documents a global mode that auto-executes operations, creating a risk of file or command actions without per-action confirmation.

User impactIf yolo mode is enabled or the CLI is used broadly, CodeFlicker may make code changes or run operations in the selected workspace with limited human interruption.

RecommendationKeep approvalMode at default unless you explicitly want no-confirm automation, use a precise --cwd in a disposable repo or worktree, and review all changes before merging or committing.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

`export npm_config_registry="https://npm.corp.kuaishou.com"` ... `npm install -g @ks-codeflicker/cli`

The skill instructs users to install a global external CLI package from an internal npm registry. This is purpose-aligned, but the installed package code is outside the provided artifacts.

User impactThe globally installed CLI will run with the user's local permissions when invoked.

RecommendationInstall only from the official internal registry, verify the package name/version and maintainer, and avoid using an untrusted mirror or modified package.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

**Must login with SSO before first use:** `flickcli /login`

The CLI requires corporate SSO authentication. That is expected for a Kuaishou employee tool, but it means actions may be tied to the user's corporate account.

User impactUsing the skill may authorize CodeFlicker under your Kuaishou identity and may consume or access internal-service resources.

RecommendationOnly log in on trusted corporate machines, verify CodeFlicker is approved for your work, and understand what account permissions the CLI receives.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceMediumStatusNote

SKILL.md

Continue last session: `flickcli -q -c "add unit tests"` ... View Session Logs: `flickcli log`

The CLI supports continuing prior sessions and viewing logs, indicating that task context or prompts may be retained for later use.

User impactCode snippets, task descriptions, or other prompt context may remain in CodeFlicker session history or logs.

RecommendationAvoid putting secrets in prompts, review the CLI's log/session retention behavior, and clear logs or sessions when handling sensitive code.