OpenClaw confluence

The skill is suspicious due to its explicit instruction in SKILL.md and implementation in scripts/migrate-from-confluence-cli.js to access and read a sensitive configuration file located outside the skill's directory, specifically `~/.confluence-cli/config.json`. This script parses the file to extract Confluence credentials (domain, email, API token) and writes them into the skill's local `.env` file. While the stated intent is 'migration' and not external exfiltration, accessing sensitive user files from the home directory without explicit, granular consent is a high-risk behavior and a privacy concern.