Content Collector Skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is clearly intended to archive links, but it can silently collect group-chat links and write them into a shared Feishu knowledge base using Feishu permissions without clear per-use approval or tight scoping.
Install only if you are comfortable with links from chats being archived into a shared Feishu knowledge base. Before enabling it, restrict which chats and users can trigger it, require confirmation before publishing, verify the Feishu OAuth scopes and account used, and define cleanup, retention, and privacy rules.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Links shared in a group may be fetched and archived automatically, potentially creating or modifying shared Feishu content before a human reviews the action.
The skill instructs automatic silent collection of links even without an explicit archive request, which can trigger fetch, document creation, and table updates without per-use confirmation.
Evidence: "No trigger word detected but a link is detected → silent collection (implicit mode)"
Require explicit user confirmation before fetching and writing content, or limit silent mode to allowlisted groups and trusted link types with an easy opt-out.
Any successful trigger could use Feishu access to create documents and edit tables, which may cross expected permission boundaries if the credential owner and scope are unclear.
The skill requires Feishu OAuth credentials to operate documents and tables, but the registry metadata declares no primary credential or required environment variables, and the instructions do not clearly bound whose delegated privileges are used when the skill is triggered by any user from any group.
Evidence: "OAuth authorization | `feishu_oauth` | obtains the user credentials for operating Feishu documents and tables"
Declare the Feishu credential requirements in metadata, document the exact OAuth scopes, and ensure actions run only under the requesting user's authorized permissions or an explicitly approved service account.
Sensitive or misleading content from chats or external links could be persistently stored and later reused or viewed by people who should not see it.
The skill uses persistent memory/configuration and stores collected content in a shared knowledge base visible to all users, but the artifacts do not define source allowlists, redaction, retention, or review controls.
Evidence: "Before using, ensure these are configured in MEMORY.md ... **Global Access**: all users and all group chats may use this skill, and collected documents are visible to everyone."
Add explicit privacy boundaries: approved groups, excluded sources, content review before publishing, retention rules, and redaction for secrets or personal information.
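As an added illustration of the excluded-source, redaction and retention controls recommended above (example code written for this review, not part of the skill or of ClawScan's tooling): a pre-publish step that refuses excluded hosts, masks obvious secrets and personal data in the summary that would land in the shared knowledge base, and stamps an expiry so stale records can be purged. The regexes, host names and the 30-day window are assumptions chosen for the example, not values taken from the skill.

```python
# Added example, not code from the skill. Regexes, host names and the
# retention window are assumptions chosen for the illustration.
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from urllib.parse import urlparse

# Applied in order: key=value secrets first so the key name survives, then
# e-mail addresses, then mainland mobile numbers, then any long token-like string.
PATTERNS = [
    (re.compile(r"(?i)\b(token|secret|password|api[_-]?key)(\s*[=:]\s*)\S+"), r"\1\2[REDACTED]"),
    (re.compile(r"[\w.+-]+@[\w-]+(\.[\w-]+)+"), "[EMAIL]"),
    (re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)"), "[PHONE]"),
    (re.compile(r"\b[A-Za-z0-9_\-]{32,}\b"), "[KEY]"),
]


def redact(text):
    """Mask secrets and personal data before anything is written to the shared base."""
    for pat, rep in PATTERNS:
        text = pat.sub(rep, text)
    return text


@dataclass
class PrivacyPolicy:
    excluded_hosts: set    # sources that must never be archived (e.g. HR or finance systems)
    retention_days: int


def prepare_for_publish(url, summary, policy, now):
    """Return the record to write to the knowledge base, or None if the source is excluded."""
    host = urlparse(url).hostname or ""
    if host in policy.excluded_hosts:
        return None
    return {
        "url": url,
        "summary": redact(summary),
        "expires_at": (now + timedelta(days=policy.retention_days)).isoformat(),
    }


def purge_expired(records, now):
    """Keep only records still inside their retention window; the dropped ones
    are the entries a cleanup job should delete from the table, index and stats."""
    return [r for r in records if datetime.fromisoformat(r["expires_at"]) > now]


if __name__ == "__main__":
    pol = PrivacyPolicy(excluded_hosts={"hr.internal.example"}, retention_days=30)
    print(prepare_for_publish("https://docs.example.com/a",
                              "contact alice@example.com, api_key=sk_live_abcdef0123456789abcdef0123456789",
                              pol, datetime.now(timezone.utc)))
```

The redaction pass runs on the summary the skill would generate from the fetched page, not on the raw URL, so the archive still points at the source while the shared index never carries the credential or address that was pasted into chat.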
One accidental or malicious link could create multiple lasting records that require manual cleanup and may mislead future users.
Each collection propagates changes across multiple persistent Feishu assets, so a bad or unintended link can affect the document store, archive table, index, and statistics.
Evidence: "After each collection completes, you must: 1. **Update the multi-dimensional table (Bitable)** ... 2. **Update the material index document** ... 3. **Update the category statistics**"
Use a pending-review queue, transaction-like rollback steps, duplicate checks, and clear cleanup instructions before updating multiple shared assets.
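The confirmation gate and allowlist recommended for the silent-mode finding earlier, together with the pending-review queue, duplicate check and rollback recommended here, as one added example (written for this review, not the skill's code; Feishu document and table writes are replaced by in-memory lists so it runs offline): each message is classified as skip, confirm, or collect; approved links are queued and de-duplicated after URL normalisation; and the three asset updates are applied as paired do/undo steps so a failed write leaves no half-applied record. Chat ids, host names, trigger words and the `#noarchive` opt-out marker are assumptions for the example.

```python
# Added example, not code from the skill. Feishu document/table writes are
# replaced by in-memory structures; chat ids, hosts and trigger words are assumed.
from dataclasses import dataclass
from urllib.parse import urlparse, urlunparse


@dataclass
class Policy:
    allowlisted_groups: set            # chats where implicit (silent) collection is permitted
    trusted_hosts: set                 # link hosts that may be archived without asking
    trigger_words: tuple = ("archive", "收录")
    opt_out_word: str = "#noarchive"   # assumed opt-out marker a sender can add


@dataclass
class Message:
    chat_id: str
    text: str
    urls: list


def decide(policy, msg):
    """Return 'skip', 'confirm' or 'collect' for one chat message."""
    if not msg.urls or policy.opt_out_word in msg.text:
        return "skip"
    if any(w in msg.text for w in policy.trigger_words):
        return "confirm"  # explicit request: still ask before anything is published
    # Implicit mode only in allowlisted groups and only for trusted hosts.
    hosts_ok = all((urlparse(u).hostname or "") in policy.trusted_hosts for u in msg.urls)
    if msg.chat_id in policy.allowlisted_groups and hosts_ok:
        return "collect"
    return "skip"


def normalize(url):
    """Canonical form for duplicate checks: lower-case host, no fragment, no trailing slash."""
    p = urlparse(url)
    return urlunparse((p.scheme.lower(), (p.hostname or "").lower(),
                       p.path.rstrip("/") or "/", "", p.query, ""))


def run_transactional(steps):
    """Run (do, undo) pairs in order; on any failure undo the completed ones in reverse."""
    done = []
    try:
        for do, undo in steps:
            do()
            done.append(undo)
        return True
    except Exception:
        for undo in reversed(done):
            undo()
        return False


class Archive:
    def __init__(self):
        self.table = []       # stands in for the archive table (Bitable)
        self.index = []       # stands in for the index document
        self.stats = {}       # category -> count
        self.pending = []     # review queue of (normalized url, category)
        self.published = set()

    def enqueue(self, url, category):
        key = normalize(url)
        if key in self.published or any(k == key for k, _ in self.pending):
            return False      # duplicate: do not create a second lasting record
        self.pending.append((key, category))
        return True

    def _bump(self, category, delta):
        n = self.stats.get(category, 0) + delta
        if n <= 0:
            self.stats.pop(category, None)
        else:
            self.stats[category] = n

    def _write_index(self, line, writer):
        if writer is not None:
            writer(line)      # hook standing in for the remote document write; may raise
        self.index.append(line)

    def commit(self, url, category, index_writer=None):
        """Publish one approved entry to all three assets, or to none of them."""
        key = normalize(url)
        if (key, category) not in self.pending:
            return False
        line = f"- [{category}] {key}"
        steps = [
            (lambda: self.table.append({"url": key, "category": category}), lambda: self.table.pop()),
            (lambda: self._write_index(line, index_writer), lambda: self.index.pop()),
            (lambda: self._bump(category, 1), lambda: self._bump(category, -1)),
        ]
        ok = run_transactional(steps)
        if ok:
            self.pending.remove((key, category))
            self.published.add(key)
        return ok
```

A failed commit leaves the entry in `pending`, so the operator sees exactly what still needs retry or cleanup instead of discovering a table row with no matching index line weeks later.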
