skill-h-meeting-sync

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

This appears to be a real meeting-sync skill, but it can repeatedly change and delete Gitea meeting files across bot-accessible repositories using an undeclared Gitea token.

Install only if you intend this skill to manage the specified Gitea meeting repositories automatically. Before enabling cron, switch the Gitea URL to HTTPS, use a least-privilege token, add a repository allowlist and dry-run/approval workflow, and review how meeting emails and links are shared.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can act as the configured Gitea bot account, and the token could be exposed over the network if a non-HTTPS base URL is used.

Why it was flagged

The skill requires a Gitea bot token despite registry metadata declaring no required env vars or primary credential. The example also uses plain HTTP, which would expose the token if used as-is.

Skill content

GITEA_BASE_URL=http://43.156.243.152:3000
GITEA_TOKEN_BOT=your_aifusionbot_access_token_here

Recommendation

Declare the credential requirement, use HTTPS only, create a least-privilege token, restrict it to the intended repositories, and rotate any token that may have been used over HTTP.

What this means

A bad comparison, bad metadata, or over-scoped token could cause automated file changes or deletions across multiple repositories.

Why it was flagged

The archive job operates across all discovered managed repos and deletes original files after copying them to an archive path.

Skill content

repos   = get_managed_repos(GITEA_TOKEN, GITEA_BASE_URL)
...
for full_name in repos:
    results = archive_repo(full_name)
...
delete_file_in_repo(

Recommendation

Add an explicit repository allowlist, dry-run output, backup/rollback behavior, and require approval or PR-based changes for destructive archive operations.

What this means

A failed reschedule can leave the old meeting marked as no longer active while the replacement meeting was never created, which can mislead later cron runs and notifications.

Why it was flagged

The reschedule flow marks the old meeting as rescheduled before the new meeting record is guaranteed to exist, and the error message confirms a partial-failure state is possible.

Skill content

old_meta["status"] = "rescheduled"
...
_fail(f"新 meta.yaml 创建失败(旧目录已标记 rescheduled):{e}")

Recommendation

Make the operation transactional: create and verify the new record first, roll back old status on failure, or stage changes in a branch/pull request.
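One way to apply the create-first, roll-back-on-failure ordering recommended above. This is an added example, not the skill's own code: the MetaStore class is a constructed in-memory stand-in for the per-meeting meta.yaml files in a Gitea repository (with a fail_writes list to simulate API errors), and the path and field names are assumptions.

```python
import copy
from typing import Dict, Iterable, Tuple


class MetaStore:
    """Constructed in-memory stand-in for meta.yaml files keyed by repo path.

    Paths listed in `fail_writes` raise on write, simulating a failed Gitea
    API call so both partial-failure branches can be exercised offline.
    """

    def __init__(self, files: Dict[str, dict], fail_writes: Iterable[str] = ()):
        self.files = copy.deepcopy(files)
        self.fail_writes = set(fail_writes)

    def read(self, path: str) -> dict:
        return copy.deepcopy(self.files[path])

    def write(self, path: str, meta: dict) -> None:
        if path in self.fail_writes:
            raise RuntimeError(f"simulated Gitea write failure: {path}")
        self.files[path] = copy.deepcopy(meta)

    def delete(self, path: str) -> None:
        self.files.pop(path, None)


def reschedule(store: MetaStore, old_path: str, new_path: str,
               new_start: str) -> Tuple[bool, str]:
    """Reschedule in an order that never leaves 'old inactive, new missing'.

    1. Create the replacement record and read it back to verify it.
    2. Only then mark the old record as rescheduled.
    3. If step 2 fails, remove the new record so the old one stays the
       single active record (rollback to the pre-call state).
    """
    old_meta = store.read(old_path)
    if old_meta.get("status") != "active":
        return False, "old meeting is not active; nothing to reschedule"

    new_meta = dict(old_meta, start=new_start, status="active",
                    rescheduled_from=old_path)
    try:
        store.write(new_path, new_meta)
        if store.read(new_path) != new_meta:
            raise RuntimeError("read-back verification failed")
    except Exception as exc:  # old record has not been touched yet
        store.delete(new_path)
        return False, f"new meta.yaml not created, old record untouched: {exc}"

    marked = dict(old_meta, status="rescheduled", rescheduled_to=new_path)
    try:
        store.write(old_path, marked)
    except Exception as exc:
        store.delete(new_path)  # roll back so the state is consistent again
        return False, f"could not mark old record, new record removed: {exc}"
    return True, f"rescheduled {old_path} -> {new_path}"


# Constructed sample data for a stand-alone run.
OLD = "meetings/2026-05-12-sync/meta.yaml"
NEW = "meetings/2026-05-14-sync/meta.yaml"
SAMPLE = {OLD: {"topic": "Weekly sync", "start": "2026-05-12T10:00",
                "status": "active"}}

if __name__ == "__main__":
    broken = MetaStore(SAMPLE, fail_writes=[NEW])
    print(reschedule(broken, OLD, NEW, "2026-05-14T10:00"))
    print(broken.files[OLD]["status"])  # still "active"
```

The same pattern applies when the records live in a branch or pull request instead of the default branch: the verification step becomes "the PR contains both file changes", and rollback is simply not merging.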

What this means

If meeting titles, reasons, or links contain misleading HTML, recipients may receive bot-branded emails with altered content or deceptive links.

Why it was flagged

Meeting fields are inserted directly into trusted HTML notification emails without visible escaping or URL validation.

Skill content

<td style="padding:10px 14px;border:1px solid #e0e0e0;">{topic}</td>
...
<a href="{new_join_url}"

Recommendation

HTML-escape all text fields, validate meeting URLs against expected domains, and consider plain-text email fallbacks.
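The escaping and URL validation recommended above, as an added example rather than the skill's own code. It renders the same table cell and join link shown in the finding, but escapes every text field, accepts only HTTPS join URLs whose host is on an allowlist, and provides a plain-text rendering as a fallback. The allowed host set and the field names are assumptions.

```python
import html
from typing import Optional
from urllib.parse import urlsplit

# Assumed allowlist of hosts a meeting join link is expected to point at.
ALLOWED_JOIN_HOSTS = {"meeting.tencent.com"}


def safe_join_url(url: str) -> Optional[str]:
    """Return the URL if it is https and its host is allowlisted, else None.

    urlsplit().hostname strips userinfo and port, so 'https://meeting.tencent.com@evil.example/'
    resolves to 'evil.example' and is rejected; 'javascript:' and 'http:' fail the scheme check.
    """
    url = url.strip()
    parts = urlsplit(url)
    if parts.scheme != "https":
        return None
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_JOIN_HOSTS:
        return None
    return url


def render_meeting_row(topic: str, new_join_url: str) -> str:
    """HTML table row with an escaped topic and a validated join link."""
    safe_topic = html.escape(topic, quote=True)
    url = safe_join_url(new_join_url)
    if url is None:
        # Do not emit an unexpected link under the bot's branding at all.
        link = "(join link withheld: unexpected URL)"
    else:
        link = f'<a href="{html.escape(url, quote=True)}">Join meeting</a>'
    return (
        '<tr>'
        f'<td style="padding:10px 14px;border:1px solid #e0e0e0;">{safe_topic}</td>'
        f'<td style="padding:10px 14px;border:1px solid #e0e0e0;">{link}</td>'
        '</tr>'
    )


def render_meeting_plain(topic: str, new_join_url: str) -> str:
    """Plain-text fallback: no markup to escape, but the URL is still validated."""
    url = safe_join_url(new_join_url) or "(join link withheld: unexpected URL)"
    return f"Topic: {topic}\nJoin: {url}"


# Constructed sample fields for a stand-alone run.
SAMPLE_TOPIC = 'Weekly sync <b>"urgent"</b>'
SAMPLE_URL = "https://meeting.tencent.com/dm/example123"

if __name__ == "__main__":
    print(render_meeting_row(SAMPLE_TOPIC, SAMPLE_URL))
    print(render_meeting_plain(SAMPLE_TOPIC, "http://meeting.tencent.com/dm/x"))
```

Escaping at render time is the minimum; if the meeting topic is also used in the email subject or in logs, apply the same treatment there, since those paths are just as bot-branded.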

What this means

Installing could change the local Python environment and depend on package versions available at install time.

Why it was flagged

The setup step installs Python dependencies into the environment and may affect the system Python installation. This is documented and user-directed, but not represented by an install spec.

Skill content

pip install -r "$SKILL_DIR/requirements.txt" --break-system-packages -q

Recommendation

Use a virtual environment, pin dependency versions with hashes, and declare the install requirements in metadata.

What this means

The local scripts run with access to the configured Gitea token and environment variables.

Why it was flagged

The Node entrypoint executes local Python scripts. Command selection is constrained by a fixed command map, so this is expected for the skill, but it still runs code with the user's environment.

Skill content

const result = spawnSync(
  'python3',
  [path.join(SCRIPT_DIR, script), ...args],

Recommendation

Install only from a trusted source and review the local Python scripts before enabling cron execution.

What this means

Meeting IDs, join URLs, attendee emails, and schedule details may move between multiple skills and be sent by email.

Why it was flagged

The workflow intentionally passes meeting data between this skill, a Tencent meeting skill, and an email-sending skill.

Skill content

Call tencent-meeting-skill to fetch the list of meetings for the next 7 days from the Tencent Meeting side
...
Call imap-smtp-email to send the notification email

Recommendation

Confirm the other skills are trusted, limit what meeting data is passed, and ensure email recipients and logs are appropriate.