daily-learning-card
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its learning-card purpose, but it embeds a secret-like API key and automatically sends conversation-derived summaries to a fixed Feishu target.
Install only after reviewing or disabling the refinement script, replacing the hardcoded Feishu target with your own verified channel, and removing any bundled API secret in favor of your own declared credential. Be aware that enabling the cron task means the skill can keep reading conversation memory and sending summaries automatically.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may call an external API using a bundled credential rather than one you supplied, creating account, billing, and data-exposure risk.
The static artifact evidence shows an API key literal in code, while the registry declares no required env vars or primary credential. Embedded credentials are not scoped to the installing user and are hard to rotate.
const apiKey = '[REDACTED]';
Remove hardcoded secrets, require a user-owned environment variable or OpenClaw credential, declare it in metadata, and fail closed if it is absent.
If the constructed command includes sensitive memory content or unsafe quoting, the task could execute more broadly than expected or leak data through a shell/API call.
The script executes a constructed shell command. In the context of a scheduled memory-refinement task and an embedded API key, the exact command scope and escaping are important but not clearly bounded in the visible artifact.
const result = execSync(curlCmd, {Use a safer HTTP client instead of shelling out to curl, avoid building shell strings from content, and document the API endpoint and data sent.
Conversation summaries could be delivered to a Feishu group or chat you did not intend to use.
The script sends a memory-derived learning summary to a hardcoded Feishu target. The behavior is disclosed as delivery, but the fixed destination and lack of per-run confirmation make the data boundary important.
FEISHU_TARGET="oc_961ed2e84e1c196a9598dc6414d92ea6" ... openclaw message send --channel=feishu --target="${FEISHU_TARGET}" --message="${summary}"Before enabling cron, replace the default target with your own verified destination or disable automatic sending until you confirm the channel.
The skill can continue reading memory files and sending summaries on the configured schedule.
The skill documents a persistent scheduled task. This is expected for a daily learning-card skill, but it keeps running after installation until removed.
openclaw cron add ... --cron "0 10 * * *" ... --message "bash /home/admin/.openclaw/workspace/skills/daily-learning-cards/daily-learning-cards.sh" ... --announce --exact
Enable the cron task only after reviewing the scripts and target channel, and know how to list or remove the cron entry.
Parts of your conversations may remain in local memory files and later be summarized or reused.
The memory generator stores a truncated copy of raw conversation text in generated memory files. This is aligned with the learning-memory purpose but persists private context.
content += `## 原始对话\n\n`; ... content += rawMessages.substring(0, 2000);
Review the generated memory directories, avoid running it on highly sensitive conversations, and add retention or redaction controls if needed.
A malicious or accidental instruction inside past conversation text could influence the summarization agent.
Raw conversation text is embedded into a prompt and sent to the main agent for analysis. That is purpose-aligned, but remembered text could contain instructions that should be treated as data, not authority.
【今天的对话】\n${truncatedText} ... execSync(`openclaw agent --agent main --message "$(cat '${tempFile}')" --local 2>&1`, {Use an isolated, no-tool summarization path where possible and explicitly delimit conversation content as untrusted data.