Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Content Collector Skill

v0.1.0

Automatically collect content from shared links upon keywords or in group chats, create Feishu docs under a knowledge base, and update the archive table.

License: MIT-0. Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The skill claims to archive shared links into a Feishu knowledge base, but the package declares no required credentials, env vars, or config paths. The SKILL.md explicitly requires Feishu OAuth, creation/editing permissions, a Bitable app_token, Space ID, and table IDs — all of which are necessary for the stated purpose but are not declared in the skill metadata. This is an incoherence between claimed purpose and requested capabilities.
Instruction Scope (flagged)
The runtime instructions direct the agent to detect links (including in group and private chats), fetch arbitrary external web content and images, download and re-upload images to Feishu, create docs under a specified Space/wiki_node, and update multi-dimensional tables and indexes. It also specifies a 'silent collection' mode that will auto-archive links in group chats unless a user explicitly refuses. These behaviors go beyond a simple helper and involve network fetching, storage, and global automatic capture of user-shared content and metadata — a high privacy/risk surface that is not constrained by the metadata.
Install Mechanism
There is no install spec and no code files (instruction-only). That reduces filesystem risk (nothing is downloaded or executed from external URLs), but it also means all behavior is driven by the SKILL.md text and any runtime integrations the agent performs. Because there's no code to review, you must trust the instructions and the runtime platform's implementation.
Credentials (flagged)
The skill requires multiple sensitive credentials and tokens in practice (Feishu OAuth tokens, Space ID, Bitable app_token, table IDs, upload permissions) yet declares none. It also instructs storing configuration in MEMORY.md. This mismatch is a red flag: the skill will need secrets with broad write access to a shared knowledge base and the ability to upload files, but those needs are not surfaced in the metadata for user review.
Persistence & Privilege (flagged)
The skill is allowed to be invoked autonomously (platform default) and its behavior includes global, silent collection across all groups and private chats per SKILL.md. While 'always' is false, the combination of autonomous invocation and instructions to auto-archive messages broadly increases the blast radius and risk of unintended data capture or exfiltration. The skill also promises to prompt for OAuth and perform pre-flight checks which, if automated, could obtain persistent tokens with wide scope.
What to consider before installing
Do not install this skill as-is. The SKILL.md requires Feishu OAuth, app/table tokens, and permission to read and write to a shared knowledge base and to upload images, but the skill metadata claims no credentials — that's inconsistent and unsafe. Specific recommendations before installing:
1. Require the author to declare all required env vars/credentials in metadata (Feishu client id/secret or service account, Bitable app_token, Space ID, table ID).
2. Remove or disable 'silent collection': require explicit user consent for each save, or restrict to specific whitelisted groups.
3. Limit OAuth scopes to the minimum needed and document exactly which account or service is used (per-user OAuth vs. single service account).
4. Require admin approval for the target knowledge base/Space and restrict writes to a controlled folder.
5. Provide audit logging and a user-facing preview step before saving.
6. Because this is instruction-only (no code to inspect), validate these changes and run a small controlled trial with test accounts before broad rollout.
If the author cannot or will not provide these clarifications and metadata fixes, consider the skill unsafe to enable.
