Skill v1.0.0
ClawScan security
Feishu Screenshot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 15, 2026, 3:22 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions do perform a screen capture and send it to Feishu (matching its description) but they contain hard-coded user/OS paths, assume a Windows+WSL environment and implicit Feishu channel credentials, which is brittle and privacy-sensitive.
- Guidance
- This skill will execute a PowerShell command to capture your entire primary screen, save the image in C:\Users\edy\Pictures\screenshot.png, copy it into /home/edy/.openclaw/workspace, and then send it via the 'feishu' channel. Before installing or using it, consider the following:
  - Privacy: Full-screen screenshots may capture passwords, private messages, or other sensitive data. Only allow this if you trust the agent and the destination (Feishu).
  - Environment assumptions: The SKILL.md hard-codes a Windows username and uses /mnt/c/… and /home/… paths (WSL). If you are not running Windows with WSL or your username is not 'edy', the commands will fail or may target the wrong files. Ask the author to parameterize paths or confirm compatibility with your OS.
  - Credentials: The skill does not declare Feishu credentials; verify how your platform provides Feishu access and whether the skill will use the correct account. If you do not want it to send automatically, require an explicit user confirmation step.
  - Safety improvements: Prefer a version that (a) uses placeholders or variables for usernames and workspace paths, (b) prompts the user for confirmation before capturing/sending, (c) deletes temporary files after sending, and (d) documents required platform permissions (ability to run PowerShell and access the workspace).
- If you cannot verify or modify the SKILL.md, run it only in a controlled environment (test account or VM) and inspect the commands the agent will execute. If you are uncomfortable with the hard-coded paths or automatic sending, do not install or invoke this skill.
Review Dimensions
- Purpose & Capability
- note: The name/description (capture screen and send to Feishu) match the actual instructions: a PowerShell full-screen capture, copying the image into the agent workspace, and a send action to the 'feishu' channel. However, the instructions hard-code user-specific paths (C:\Users\edy and /home/edy/.openclaw/workspace) and assume WSL-style paths (/mnt/c/...). Those assumptions are not justified in the metadata (no declared OS restriction or required binaries) and make the skill non-portable and potentially incorrect for other users.
- Instruction Scope
- concern: The SKILL.md tells the agent to execute a PowerShell command that captures the entire primary screen and writes a PNG into the user's Pictures folder, then copies it into the agent workspace and triggers a send action. Capturing the full screen can expose sensitive data; the instructions run arbitrary shell commands and access absolute user paths. The instructions also do not include user consent or an explicit prompt before capturing, nor do they parameterize username/paths or handle non-Windows environments.
- Install Mechanism
- ok: There is no install spec or code to write to disk; this is instruction-only. That minimizes supply-chain risk because nothing is downloaded or installed by the skill itself.
- Credentials
- note: The skill declares no required environment variables or credentials, but it issues a 'send' action to a 'feishu' channel (which implies the platform/agent must have Feishu credentials configured). The absence of any declared credential requirement is not necessarily wrong if Feishu access is provided by the platform, but it is not documented here. The skill also requires filesystem access to the user's Pictures folder and the agent workspace (hard-coded paths).
- Persistence & Privilege
- ok: The skill does not request always: true, performs no installs, and does not attempt to modify other skills or system-wide configuration. It only instructs the agent to run commands at runtime.
