Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mic Recorder

v1.0.0

Records from the microphone and sends the audio to Feishu. Captures both speech and background sound.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Purpose (record mic and send to Feishu) aligns with the instructions: it instructs creating an Automator RecordMic.app that runs ffmpeg, writes a WAV to /tmp, denoises it, and copies it into ~/.openclaw/workspace for sending. However the declared metadata claims no required binaries or credentials, while the instructions clearly rely on system binaries (open, ffmpeg) and an outbound messaging facility (message(action="send", channel="feishu")). The omission of these requirements is an inconsistency.
Instruction Scope
SKILL.md gives concrete runtime steps (open RecordMic.app, ffmpeg denoising commands, specific paths like /tmp/openclaw_recording.wav and ~/.openclaw/workspace/recording_latest.wav). These are within the stated purpose, but the instructions also tell the operator to inspect and edit Automator workflow contents (document.wflow) and rely on RecordMic.app to auto-copy files into workspace. The agent instructions reference local filesystem paths and expect microphone permission — appropriate for a recorder but should be explicitly declared.
Install Mechanism
No install spec (instruction-only). That is lower risk. Note: the skill expects the user to create an Automator app and for ffmpeg to be available; the skill does not provide an install or verify ffmpeg/other binaries are present.
Credentials
No environment variables or credentials are declared, yet the skill sends audio to Feishu using message(..., channel="feishu"). Sending to Feishu typically requires API credentials or platform-managed integration; the SKILL.md does not explain where credentials come from. Also it uses sensitive resources (microphone audio) and transmits them; this privacy risk is not addressed in the instructions.
Persistence & Privilege
always is false and there is no install writing to system locations. The skill relies on a user-created Automator app and workspace copies; it does not request elevated or persistent platform privileges in metadata.
What to consider before installing
This skill will record microphone audio and send the resulting file to a Feishu channel. Before installing/using it:

- Understand it will capture sensitive audio and transmit it externally — confirm you trust the Feishu destination and know which account/channel will receive files.
- The SKILL.md assumes an Automator app (~/.openclaw/tools/RecordMic.app) and uses ffmpeg and the macOS open command, but the skill metadata declares no required binaries. Make sure ffmpeg is installed from a trusted source and that RecordMic.app's workflow is exactly what you expect before granting microphone access.
- Verify where credentials for Feishu come from (platform-provided 'message' API or stored tokens). If the skill requires Feishu API keys, ask the author for explicit required env vars and minimal-scope credentials.
- Check the RecordMic.app contents (document.wflow) before running to ensure it only executes the expected ffmpeg and copy commands and doesn't run arbitrary code.
- If you need a safer setup, request the author to: (1) declare required binaries (ffmpeg, open), (2) list required credentials or confirm use of platform-managed messaging, and (3) provide a checksum or source for RecordMic.app or an alternative install script so you can inspect what will run.

I rate this suspicious rather than malicious because the behavior matches the stated purpose but important operational details and dependencies are omitted, and the skill handles highly sensitive data (microphone audio) that will be transmitted externally.

Like a lobster shell, security has layers — review code before you run it.
