v1.4.0

Xiaohongshu Topic Report (小红书议题报告)

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:53 AM.

Analysis

This is mostly a disclosed public-web report skill, but it can automatically use Feishu credentials to create and share a persistent document to an unspecified group despite unclear credential metadata and a no-storage claim.

Guidance: Install only if you are comfortable with external web searches and Feishu publishing. Leave the Feishu environment variables unset if you want reports only in chat, and require confirmation plus a known group/document permission setting before enabling Feishu sharing. Avoid confidential topics unless the search provider and Feishu workspace are approved for them.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
If Feishu is configured (`FEISHU_APP_ID` + `FEISHU_APP_SECRET`) and `feishu_create_doc` is available → publish to a Feishu cloud document and send the link to the group

This tells the agent to publish the report to Feishu and send a group link automatically when credentials exist, without naming the group, document access settings, or requiring explicit user approval.

User impact: A report topic and its contents could be shared into a Feishu workspace or group the user did not intend.
Recommendation: Require explicit confirmation before Feishu publishing, and clearly specify the target group, document permissions, and how to delete or revoke the shared document.
Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Publish to a Feishu cloud document ... Data is used only for generating the current report and is not persistently stored

The skill says it may publish a cloud document, but later states that data is not persistently stored. A Feishu cloud document is persistent external storage unless the user deletes it.

User impact: Users may believe report data is only temporary even though Feishu output can remain stored and shareable after the task.
Recommendation: Clarify that Feishu output is persistent, describe retention and deletion behavior, and make the no-persistence claim conditional on not using Feishu publishing.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
| `FEISHU_APP_ID` | Feishu application App ID | No | ... | `FEISHU_APP_SECRET` | Feishu application Secret | No |

These are Feishu application credentials that enable workspace actions, while the supplied registry metadata declares no env vars or primary credential and the skill does not state minimum Feishu permissions.

User impact: Users may not realize the skill can act through a Feishu app identity if those variables are present.
Recommendation: Declare the Feishu credential contract in metadata and document the minimum app permissions, target workspace, and exact actions the skill will take.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
`minimax-web-search` | Leading media + Twitter search ... Use `minimax-web-search` to search Twitter/X for key tweets about the topic

The skill sends user-provided topic keywords to an external search tool. This is disclosed and purpose-aligned, but users should know that sensitive monitoring topics may leave the chat environment.

User impact: Confidential or sensitive topic names could be sent to the external search provider as part of normal operation.
Recommendation: Avoid using confidential topic names unless the external search provider is acceptable, and document the provider's data handling expectations.