Skill v1.1.0

ClawScan security

Human-Agent Collaboration Protocol · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 16, 2026, 9:05 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's stated purpose (meeting prep & follow-up) matches its instructions, but it instructs the agent to call Feishu APIs and write meeting notes to agent memory without declaring any credentials or config requirements — an incoherence that should be resolved before trusting it.
Guidance
This skill appears to be what it says (meeting prep and follow-up), but it instructs the agent to call Feishu APIs (create/fetch/update docs and create tasks) and to save outputs to agent memory while declaring no required credentials or config. Before installing or enabling it, confirm: 1) whether your agent platform already provides a secure Feishu connector (and what permissions it will grant — read/update docs, create tasks), 2) who supplies the Feishu credentials and whether they remain private, and 3) whether you’re comfortable meeting content being stored in agent memory/YYYY-MM-DD.md. If the platform does not provide a built-in Feishu integration, ask the skill author to explicitly declare required env vars/permissions (e.g., FEISHU_APP_ID/APP_SECRET or workspace token) and to explain how auth is obtained and scoped. If you cannot verify these, treat the skill as risky because it may attempt to access external documents and persist sensitive meeting data without explicit credential handling.

Review Dimensions

Purpose & Capability
note · Name/description (human-agent collaboration for meetings) align with the SKILL.md workflow (pre-meeting questions, Context Card, post-meeting Output and task creation). The high-level capability is coherent with the content.
Instruction Scope
concern · Runtime instructions direct the agent to call feishu_create_doc, feishu_fetch_doc, feishu_task_task, and feishu_update_doc and to save Output to memory/YYYY-MM-DD.md. These actions are within meeting workflow scope, but they involve fetching/updating external documents and persistent storage without describing how auth/permissions are obtained or what exact endpoints are used.
Install Mechanism
ok · Instruction-only skill with no install spec and no code files — low install risk. Nothing will be written to disk by an installer.
Credentials
concern · The instructions clearly require access to Feishu APIs (read/write docs, create tasks) and to persist outputs in agent memory, yet the skill declares no required environment variables, credentials, or config paths. Missing declaration of Feishu credentials/permissions is a proportionality mismatch and a practical blocker (or a stealth requirement).
Persistence & Privilege
note · always is false and the skill does not request elevated platform privileges. It does direct writing to memory/YYYY-MM-DD.md (agent memory/persistent storage) and to external Feishu docs/tasks after user confirmation; this is reasonable for its purpose but should be explicitly disclosed.