大圆虾-日程助手
v1.0.0云计算客户经理日程管理与提醒系统。帮助管理客户拜访、合同到期、续费提醒等日程安排。
⭐ 0· 58·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, and instructions all describe calendar/schedule management and reminders (customer visits, contract expirations, renewals). There are no unrelated binaries, credentials, or install actions requested.
Instruction Scope
The SKILL.md stays within scheduling/reminder scope and references using cron, message sending, and creating Feishu docs. However the instructions are high-level (use 'read'/'write' for schedule files) without specifying file paths or storage boundaries, which gives the agent discretion about what files to access. Recommend confirming where schedule data is stored and what file paths the agent is allowed to read/write.
Install Mechanism
No install spec, no code files, and no downloads — lowest risk. The skill is instruction-only and does not write executables to disk.
Credentials
The skill declares no required environment variables or credentials. SKILL.md references integrations like 'feishu_doc' and 'message' which typically require platform-level messaging/document permissions; this is plausible if the platform supplies those tools, but you should verify how those integrations are authenticated and that the skill will not request or need unrelated secrets.
Persistence & Privilege
always is false and the skill does not request persistent installation or modify other skills' settings. Autonomous invocation is allowed by default and is expected for this type of skill.
Assessment
This skill appears coherent and low-risk because it is instruction-only and asks for no installs or credentials. Before enabling it: 1) Confirm which platform tools (message, feishu_doc, cron) the skill will use and what permissions those tools have — ensure it only gets permission to send notifications and create docs for relevant accounts. 2) Ask where schedule files are stored and limit file read/write scope so the agent cannot access unrelated files. 3) If you use Feishu or other external services, make sure authentication is handled by the platform (not by pasting credentials into the skill) and review audit/logging for sent notifications. If any of those answers are unclear, treat the skill as needing further review before granting it access.Like a lobster shell, security has layers — review code before you run it.
latestvk97cwrhqmkvgwxp59z0mzhz0d984ceed
License
MIT-0
Free to use, modify, and redistribute. No attribution required.