Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feishu → XHS Publisher
v1.0.0将飞书文档/Wiki 转换为小红书图文帖子,生成竖版图片(1242×1660)并打包成新飞书文档供用户直接发布。 支持深色科技风格(代码块高亮、macOS 窗口样式)和知识卡片风格。 触发词:发布到小红书、转小红书格式、生成小红书图片、小红书排版、xhs-publisher。 输入:飞书文档链接(docx)或 W...
⭐ 0· 58·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill legitimately needs Feishu API access to read and upload documents, and it includes code to render images and call the Feishu SDK — that matches the stated purpose. However, the registry declares no required environment variables or primary credential while both SKILL.md and scripts clearly depend on FEISHU app credentials. Embedding an appId/appSecret and owner open_id in SKILL.md/code is disproportionate and inconsistent with the registry metadata.
Instruction Scope
Instructions explicitly tell the agent to read Feishu docs/wiki and upload images using the Feishu SDK (expected). But SKILL.md and scripts hard-code an appId/appSecret and owner open_id and reference running code under ~/.openclaw/extensions/feishu/, meaning by default user content would be accessed and uploaded using those embedded credentials. The runtime instructions therefore permit transferring user data to an external account unless the user overrides credentials — this scope of data movement is not made explicit in the registry.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but the SKILL.md and scripts require installing Playwright (and Chromium) and having the @larksuiteoapi/node-sdk present in ~/.openclaw/extensions/feishu/. That means the operator must perform manual installs which will download browser binaries; this is moderate risk but expected for HTML-to-image rendering. The main issue is lack of declared dependency metadata and instructions defaulting to use embedded credentials.
Credentials
The upload script expects FEISHU_APP_ID, FEISHU_APP_SECRET, and FEISHU_OWNER_ID (documented in the script header), but the registry lists no required env vars. Critically, the script and SKILL.md include default hard-coded values for appId/appSecret/ownerId — meaning if env vars are not set, the skill will use these embedded credentials. This is disproportionate and risky: user documents and images could be uploaded to the author/third-party Feishu account without explicit consent. Hard-coded secrets in distributed code are a severe red flag.
Persistence & Privilege
The skill does not request 'always:true' and does not modify other skills or system-wide settings. It will, however, create documents in Feishu using whichever credentials are provided (or the embedded defaults). That grants the credential holder persistent access to any uploaded content — a privacy/privilege concern if the defaults are used.
What to consider before installing
Do not run this skill as-is. The scripts and SKILL.md embed an appId/appSecret and owner open_id which will be used as defaults — meaning your converted documents/images would be uploaded to that account unless you explicitly set your own FEISHU_APP_ID, FEISHU_APP_SECRET, and FEISHU_OWNER_ID. Before installing: (1) ask the author to remove hard-coded credentials and declare required env vars in the registry; (2) if you must run it, set your own Feishu app credentials in environment variables and verify the app's permissions and owner; (3) audit the scripts locally to confirm they only call Feishu endpoints and do not exfiltrate data elsewhere; (4) consider using a throwaway document or test account first; (5) if the embedded credentials look real, avoid uploading sensitive content and consider notifying your security/contact to rotate any leaked secrets.Like a lobster shell, security has layers — review code before you run it.
latestvk97a9qqpb1j194gttv0yjbbavx842rye
License
MIT-0
Free to use, modify, and redistribute. No attribution required.