suspicious.dangerous_exec
- Location
- scripts/daily-memory.js:58
- Finding
- Shell command execution detected (child_process).
Advisory
Audited by static analysis on May 10, 2026.
Detected: suspicious.dangerous_exec, suspicious.exposed_secret_literal
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may call an external API using a bundled credential rather than one you supplied, creating account, billing, and data-exposure risk.
The static artifact evidence shows an API key literal in code, while the registry declares no required env vars or primary credential. Embedded credentials are not scoped to the installing user and are hard to rotate.
const apiKey = '[REDACTED]';
Remove hardcoded secrets, require a user-owned environment variable or OpenClaw credential, declare it in metadata, and fail closed if it is absent.
If memory content is interpolated into the command string without safe quoting, shell metacharacters in that content can change what the command does, and any sensitive content in the string ends up on the command line and in the outgoing request.
The script executes a constructed shell command. In the context of a scheduled memory-refinement task and an embedded API key, the exact command scope and escaping matter, but neither is clearly bounded in the visible artifact.
const result = execSync(curlCmd, {
Use a safer HTTP client instead of shelling out to curl, avoid building shell strings from content, and document the API endpoint and the data sent to it.
Conversation summaries could be delivered to a Feishu group or chat you did not intend to use.
The script sends a memory-derived learning summary to a hardcoded Feishu target. The behavior is disclosed as delivery, but the fixed destination and the lack of per-run confirmation make the data boundary important. Note also that the summary is passed as a command-line argument, which on most systems is visible to other local processes while the command runs.
FEISHU_TARGET="oc_961ed2e84e1c196a9598dc6414d92ea6" ... openclaw message send --channel=feishu --target="${FEISHU_TARGET}" --message="${summary}"
Before enabling cron, replace the default target with your own verified destination, or disable automatic sending until you have confirmed the channel.
The skill can continue reading memory files and sending summaries on the configured schedule.
The skill documents a persistent scheduled task. This is expected for a daily learning-card skill, but it keeps running after installation until removed.
openclaw cron add ... --cron "0 10 * * *" ... --message "bash /home/admin/.openclaw/workspace/skills/daily-learning-cards/daily-learning-cards.sh" ... --announce --exact
Enable the cron task only after reviewing the scripts and target channel, and know how to list or remove the cron entry.
Parts of your conversations may remain in local memory files and later be summarized or reused.
The memory generator stores a truncated copy (the first 2000 characters) of the raw conversation text in each generated memory file, under a "## 原始对话" ("Raw conversation") heading. This is aligned with the learning-memory purpose but persists private context on disk.
content += `## 原始对话\n\n`; ... content += rawMessages.substring(0, 2000);
Review the generated memory directories, avoid running it on highly sensitive conversations, and add retention or redaction controls if needed.
A malicious or accidental instruction inside past conversation text could influence the summarization agent.
Raw conversation text is embedded into a prompt under a "【今天的对话】" ("Today's conversation") label and sent to the main agent for analysis. That is purpose-aligned, but remembered text can contain instructions, and the agent should treat that text as data, not as authority.
【今天的对话】\n${truncatedText} ... execSync(`openclaw agent --agent main --message "$(cat '${tempFile}')" --local 2>&1`, {
Use an isolated, no-tool summarization path where possible, and explicitly delimit the conversation content as untrusted data.