Skillv1.6.1

ClawScan security

Family Cultivation Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 28, 2026, 1:10 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only parenting schedule/coach skill that is internally consistent with its description — it integrates with Feishu or Notion to store records and push reminders — but it will ask you to provide service tokens and can perform automatic read/write to those services, so review credential handling and automatic push behavior before enabling.
Guidance: What to check before enabling this skill: - Credentials: The skill requires Feishu App Token / table IDs or a Notion Internal Integration Token to store and read records. Only provide these via secure channels and avoid pasting them into public chats. Prefer creating a dedicated integration account/token with the minimum scopes needed and revoke it if you stop using the skill. - Automatic writes/pushes: If you select Feishu mode the skill will auto-send daily 'speed cards' and auto-push daily reports when users reply. If you don't want automatic pushes, use Notion mode (no proactive pushes) or limit the Feishu setup. Confirm OpenClaw/your platform's Feishu integration settings and which OpenID/group will receive pushes. - Data privacy: The skill stores detailed child/family information. Consider the privacy policies and storage location of the chosen backend (Feishu vs Notion), and avoid including highly sensitive health/diagnostic details in records. - Least privilege: Create tokens with limited scopes (only the tables/databases required) and separate integrational tokens per family or child where possible. - Prompt-injection signal: The static scan found unicode control characters. That can be harmless formatting, but it can also be used to obscure instructions. If you are unsure, review the SKILL.md file in a plain text editor (visible characters only) or ask the publisher to confirm there are no hidden control sequences. - Testing: Before adding real child data, test with dummy data and a disposable token to confirm the read/write and push behaviors match your expectations. If you want, I can list the exact Feishu/Notion scopes to request for least-privilege tokens or draft a short checklist of questions to ask the skill maintainer about token handling and auto-push behavior.
Findings: [unicode-control-chars] unexpected: The scanner flagged unicode-control-characters inside SKILL.md. This is not expected for a scheduling/assistant skill and could be an attempt at prompt-injection or an artifact of file formatting. No other regex hits or obfuscated endpoints were found.

Review Dimensions

Purpose & Capability: okThe skill name/description (family cultivation coach) matches the instructions: structured data collection, weekly schedule generation, and optional persistence to Feishu or Notion. The connectors and data it asks for (feishu_config.md, Notion API token, table/database IDs) are coherent with the described backends. No unrelated credentials, binaries, or installs are requested.
Instruction Scope: noteSKILL.md instructs the agent to read/write local config files (feishu_config.md) and to call Feishu/Notion APIs for reading/writing child profiles, schedules, daily logs, reports, and temp events — this is expected for the stated purpose. However, the skill also documents automatic behaviors (timed pushes, auto-generation of daily reports when users reply to 'speed cards') that cause it to create and send content without repeated user confirmation once Feishu mode is enabled; users should be aware that enabling Feishu mode grants the skill permission to perform writes/pushes on that platform.
Install Mechanism: okNo install spec or code is included; the skill is instruction-only, so nothing is downloaded or written at install time. Risk from installation mechanism is minimal.
Credentials: noteThe skill declares no required env vars, but instructs users at runtime to provide Feishu App Token/App ID/secret/Table IDs (via a local feishu_config.md) or a Notion Internal Integration Token. Those credentials are appropriate and proportional to the described Feishu/Notion integration, but they are sensitive — the skill asks users to paste/store them for API access, which requires careful handling.
Persistence & Privilege: notealways:false and model invocation is allowed (normal). The skill expects to operate across sessions and to read/write persistent records in an external backend (Feishu/Notion). This persistence is consistent with its purpose, but combined with automatic push/write behavior in Feishu mode it increases blast radius if credentials are misused or if the platform misroutes messages — users should confirm whether they want automatic pushes enabled.