Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sql To Doc

v1.0.0

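Executes SQL queries, arranges the results according to a specified template, and writes them to a Feishu cloud document. Suitable for weekly data reports, data summaries, statistical reports, and similar scenarios.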

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to create Feishu cloud documents and send Feishu IM notifications, but requires only META_CENTER_TOKEN and DATAWORKS_PROJECT. There is no declared Feishu credential (e.g., FEISHU_TOKEN, APP_ID/APP_SECRET) even though the instructions call feishu_create_doc and feishu_im_user_message. This is an incoherence: creating documents in Feishu normally requires Feishu auth.
Instruction Scope
SKILL.md instructs the agent to execute SQL via DataWorks OpenAPI (via exec), transform results into Python objects, render Jinja2 templates, and call Feishu creation/notification tools. The instructions assume availability of Jinja2 and of feishu_* helper actions. They do not reference or limit what 'exec' will run, which grants broad discretion to run arbitrary commands against DataWorks OpenAPI — expected for the task but worth noting. The instructions do not ask to read unrelated system files, but they rely on implicit runtime tools and credentials that are not declared.
Install Mechanism
No install spec and no code files (instruction-only). This reduces the risk of arbitrary code being written to disk. No third-party packages are being fetched by the skill itself.
Credentials
Only META_CENTER_TOKEN and DATAWORKS_PROJECT are declared. For full functionality, additional credentials (Feishu app token/credentials, or other DataWorks auth) are typically required. META_CENTER_TOKEN's scope is unspecified — it could grant wide access beyond what's needed. The minimal declared envs do not justify the Feishu operations described, creating a proportionality mismatch.
Persistence & Privilege
always is false and there is no install step that writes persistent files or modifies other skills. The skill can be invoked autonomously by the agent (default), which is normal; this is not combined with 'always: true' or other elevated persistence requests.
What to consider before installing
This skill looks plausible for automating DataWorks→Feishu reports, but there are inconsistencies you should resolve before installing or granting credentials:
- Ask the publisher why no Feishu credentials are declared. Creating Feishu docs and sending IMs normally requires Feishu app tokens (APP_ID/APP_SECRET or API token). Do not provide broad Feishu or platform tokens until you confirm exact required scopes.
- Confirm what META_CENTER_TOKEN grants. Limit tokens to least privilege (only access to the specific DataWorks project and read-only SQL execution if possible).
- Request details about the 'feishu_create_doc' and 'feishu_im_user_message' helpers: are they platform-provided, audited internal actions, or custom scripts? Prefer well-known, documented integration points.
- Because the skill uses exec to call DataWorks OpenAPI, test it first in a safe environment (non-production project) to confirm it only runs intended queries.
- Prefer a published source or homepage and a verifiable owner. The package has unknown source — that raises supply-chain risk.

If the publisher provides the missing credential requirements, limited-scope tokens, and a clear explanation of the helper tools, the skill would be more coherent. Until then treat it with caution and avoid exposing high-privilege credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bkr5q6dembzh82bdhznpye1841wrf

Runtime requirements

Env: META_CENTER_TOKEN, DATAWORKS_PROJECT
