Skill v1.0.0

ClawScan security

Release Package · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 14, 2026, 5:45 AM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The package's code and runtime instructions expect Feishu API credentials and will perform networked operations, but the skill metadata does not declare the required secrets and the registry metadata (name/slug) doesn't match the contained skill — these inconsistencies warrant caution.
Guidance
This package implements a Feishu Bitable storage manager and will read local images and make outbound API calls to Feishu; it requires FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_BITABLE_TOKEN, and FEISHU_TABLE_ID to work, but the registry metadata does not declare those environment variables. Before installing: (1) Verify the publisher and canonical source (the registry shows 'unknown' source/homepage); (2) Inspect storage_manager.py and install.sh yourself — they will attempt network calls and create a ~/.local/bin symlink and a config example file; (3) Remove or verify the hard-coded example tokens used in test_basic.py and do not reuse them as real secrets; (4) If you proceed, create a Feishu app with minimal permissions and use scoped credentials; (5) Prefer running install/test in a sandbox/container first. The mismatch between the package name/slug and the contained skill is a red flag — treat this package cautiously unless you can confirm its origin.

Review Dimensions

Purpose & Capability
concern: Registry metadata and package name ('Release Package', slug 'release-package') do not match the embedded SKILL.md and code (a 'Storage Manager' for Feishu Bitable). Required runtime capability (Python3) matches, but the mismatch in naming/slug suggests packaging errors or possible misdirection.
Instruction Scope
concern: SKILL.md and storage_manager.py expect and instruct use of Feishu app credentials (FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_BITABLE_TOKEN, FEISHU_TABLE_ID) and perform file reads (image upload) and outbound network calls to Feishu APIs. However, the skill registry 'requires.env' lists no environment variables. The runtime instructions will therefore attempt to access secrets not declared in metadata — an incoherence and a potential surprise to users.
Install Mechanism
note: There is no platform install spec, but an included install.sh will install Python 'requests' (via pip3 if missing), make local files executable, create a symlink in ~/.local/bin, and write a config.example.env. No network downloads of archives or remote code are performed by the script, which reduces risk, but the script will modify the user's home directory (symlink and written file).
Credentials
concern: The code requires Feishu API credentials and a table token to function, yet the skill declares no required environment variables or primary credential. test_basic.py sets example FEISHU_* environment variables (hard-coded, sample-looking tokens), which is suspicious and may mislead users into thinking those are safe defaults. Requesting secrets for an external service without declaring them is disproportionate and opaque.
Persistence & Privilege
ok: The skill is not always-enabled, does not request elevated system-wide permissions, and does not modify other skills' configurations. The install script creates a user-local symlink and config example only; there is no evidence of privileged persistence.