Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Rd Pipeline
v1.0.0
Orchestrate OpenClaw end-to-end R&D delivery in Feishu from requirement intake to closure using PM, developer, reviewer, and tester subagents. Use when handl...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill claims end-to-end orchestration that includes Feishu API access and Git repo operations (clone, push, open PR). However, the package declares no required environment variables, no primary credential, and no install steps for CLI/API clients. Legitimate operation of the described workflow would require Feishu credentials/API tokens and Git credentials (or a configured CI/automation account). This mismatch is an incoherence.
Instruction Scope
SKILL.md tells the agent to query Feishu group history, load wiki docs, create master/subtasks and update statuses, clone/update repositories, push branches, open PRs, and run lint/tests. Those instructions reach into external services and change state (Feishu, source control, CI). They also reference calling an external 'Superpowers' skill. The instructions do not limit or document which credentials/endpoints to use, nor do they restrict what historical/chat content may be read — increasing risk of unintended data exposure.
Install Mechanism
This is an instruction-only skill with no install spec. No packages are downloaded or extracted by the skill bundle, and the included script is a small local validator. From an installation standpoint there is no direct code download risk.
Credentials
The workflow clearly needs access to Feishu (to read history, create/update tasks) and Git repository credentials (to push branches and open PRs), yet requires.env and primary credential are empty. The absence of any declared credentials is disproportionate to the described operations and should be corrected — otherwise the agent would need to rely on ambient credentials or privileged runtime environment, which is risky.
Persistence & Privilege
always:false (default) and autonomous invocation permitted. Autonomous invocation is the platform default; taken alone this is fine, but combined with the other concerns (undisclosed external integrations and write actions) it raises the operational risk if the agent runs without explicit per-use consent or audit controls.
What to consider before installing
Do not install or enable this skill before getting clarifications and making configuration changes. Specifically:
1) Ask the author to list exactly which credentials and tokens are required (Feishu API token(s), Git account/token, CI credentials, any other service tokens) and to add them to requires.env/primary credential so you can review and provision scoped secrets.
2) Confirm where repository pushes and PRs will be made (which org/repo and which account) and insist on least-privilege tokens (repo-scoped, non-admin) and an audit trail.
3) Ask how Feishu access is scoped and whether chat/wiki reads are limited to the project group; sensitive chat history should be excluded or restricted.
4) Verify the dependency on the external "Superpowers" skill and review its permissions.
5) Test in a sandbox project with revoked or limited credentials before using in production.
The validate_status_flow.py script appears benign (it only checks state transitions), but the orchestrated network/write operations require explicit, scoped credentials and documentation before this skill should be trusted.
