Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Simple Management of Product Documents

v1.1.0

Simple Management of Product Documents - A structured workflow for managing product documentation in Feishu (Lark). Use this skill when: - Creating a new pro...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose is Feishu (Lark) document management, which aligns with its instructions and examples. However, the package declares no required environment variables or credentials, while the bundled reference (references/feishu-api-setup.md) contains an App ID, an App Secret, a user_access_token, a refresh_token, and concrete document links. Either those values are leftover secrets included by accident, or the skill needs credential access and fails to declare it. Either way, the mismatch is incoherent and risky.
Instruction Scope
SKILL.md and the reference files provide step-by-step Feishu OAuth flows and API calls (creating spaces, writing docs, token refresh). They instruct the user to store the App Secret in environment variables and to use user_access_token mode. The instructions themselves stay within Feishu document management, but the bundled reference material publishes sensitive credentials and example tokens verbatim, and it also suggests storing configuration data (including API keys and environment variables) in configuration records, which encourages secret disclosure in project docs. The instructions never ask for explicit user confirmation before any embedded credential is used, leaving room for accidental reuse or leakage.
Install Mechanism
No install spec or binaries — instruction-only. This is low technical risk from an install/execution standpoint (nothing is dropped or executed on disk by an installer).
Credentials
The skill declares no required environment variables or primary credential, yet the supplied references include an App Secret and user tokens. That indicates either an undocumented credential requirement or the inadvertent inclusion of real secrets. The skill also relies on user_access_token mode (which grants document-level edit access as the user) but neither declares nor manages those credentials. Requesting or embedding tokens belonging to another user's account is disproportionate to the stated purpose and suspicious.
Persistence & Privilege
The skill is not marked always:true and has no install; it does not request persistent system-level privileges. Autonomous invocation is allowed (platform default) but this is not sufficient alone to elevate privilege concerns.
Scan Findings in Context
[hardcoded-feishu-credentials] unexpected: references/feishu-api-setup.md contains an App ID, an App Secret, a user_access_token, a refresh_token, and concrete document links under the '实际案例' ("Real-world examples") heading. These are sensitive Feishu (Lark) credentials, they are not declared in requires.env, and they may be valid, so they should be treated as secrets. (The repository pre-scan reported no automated regex findings, but the credentials are plainly present in the provided file contents.)
What to consider before installing
Do not assume these embedded values are harmless examples. Before installing or using this skill:
1) Ask the author to remove any App Secret, access tokens, refresh tokens, or other credentials from the skill files and to confirm whether the included values are placeholders or real.
2) If they are real, do not use them; the owner should rotate those credentials immediately.
3) Require the skill to declare any needed environment variables formally (e.g., FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_USER_TOKEN) instead of embedding secrets in docs, and prefer a secrets manager over documentation for storing them.
4) Verify whether your agent will ever autonomously call the Feishu APIs using any embedded tokens; if so, ensure the tokens are yours, limited in scope, and revocable.
5) Treat the skill as untrusted until the credentials are removed or replaced with clearly labeled, non-privileged test values and the author has explained why credentials appear in the bundle.
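The pre-scan missed these values because it had no pattern for them. The check below is an added example (not ClawHub's scanner and not part of this skill) of the kind of bundle review items 1 and 3 above call for: it parses the `requires: env:` list from SKILL.md front matter, scans every file for Feishu credential shapes and concrete document links, and reports each hit together with whether the matching environment variable is declared. The sample bundle, its placeholder values, the `cli_` / `u-` / `ur-` / `t-` prefix conventions, the front-matter layout, and the env var names are all assumptions made for the example.

```python
"""Pre-install check: find Feishu (Lark) credential material in an OpenClaw
skill bundle that the manifest does not declare in requires.env.

Added example, not ClawHub's scanner or the skill's own code. Assumed (not
from the page): SKILL.md front matter declares env vars under `requires: env:`;
Feishu identifiers use the prefixes cli_ (app id), u- (user_access_token),
ur- (refresh_token), t- (tenant_access_token). All sample values are placeholders.
"""
import re

# Constructed sample bundle: manifest declares nothing, reference embeds secrets.
SAMPLE_BUNDLE = {
    "SKILL.md": (
        "---\nname: simple-product-docs\nversion: 1.1.0\nrequires:\n  env: []\n---\n"
        "# Simple Management of Product Documents\n"
        "Store the App Secret in an environment variable and use user_access_token mode.\n"
    ),
    "references/feishu-api-setup.md": (
        "## 实际案例\n"
        "app_id: cli_a1b2c3d4e5f60001\n"
        "app_secret: AbCdEfGhIjKlMnOpQrStUvWxYz012345\n"
        "user_access_token: u-placeholder.user.token.value.0000001\n"
        "refresh_token: ur-placeholder.refresh.value.0000001\n"
        "Doc: https://example.feishu.cn/docx/AbCdEfGhIjKlMnOpQrStUvWx\n"
    ),
}

# What a corrected manifest should look like: credentials declared, not embedded.
CORRECTED_MANIFEST = (
    "---\nname: simple-product-docs\nversion: 1.1.0\nrequires:\n  env:\n"
    "    - FEISHU_APP_ID\n    - FEISHU_APP_SECRET\n    - FEISHU_USER_TOKEN\n---\n"
)

# (kind, pattern, env var that should carry the value instead). Prefix shapes
# and env var names are assumptions; a capture group, if present, is the value.
PATTERNS = [
    ("app_id", re.compile(r"(?<![\w-])cli_[A-Za-z0-9]{10,}"), "FEISHU_APP_ID"),
    ("app_secret", re.compile(r"app_secret\s*[:=]\s*['\"]?([A-Za-z0-9]{20,})", re.I),
     "FEISHU_APP_SECRET"),
    ("refresh_token", re.compile(r"(?<![\w-])ur-[A-Za-z0-9._]{16,}"), "FEISHU_USER_TOKEN"),
    ("user_access_token", re.compile(r"(?<![\w-])u-[A-Za-z0-9._]{16,}"), "FEISHU_USER_TOKEN"),
    ("tenant_access_token", re.compile(r"(?<![\w-])t-[A-Za-z0-9._]{16,}"), "FEISHU_APP_SECRET"),
    ("document_link",
     re.compile(r"https://[\w.-]+\.(?:feishu\.cn|larksuite\.com)/(?:docx?|wiki|sheets|base)/[\w-]+"),
     None),
]


def declared_env(manifest_text):
    """Env var names listed under requires.env in SKILL.md front matter."""
    fm = re.search(r"^---\n(.*?)\n---", manifest_text, re.S)
    if not fm:
        return set()
    inline = re.search(r"^\s*env:\s*\[(.*?)\]", fm.group(1), re.M)
    if inline:
        return {v.strip().strip("'\"") for v in inline.group(1).split(",") if v.strip()}
    block = re.search(r"^\s*env:\s*\n((?:\s+-\s+\S+\n?)+)", fm.group(1), re.M)
    return set(re.findall(r"-\s+(\S+)", block.group(1))) if block else set()


def redact(value):
    """Never echo a possibly-live secret into a report."""
    return f"{value[:4]}***({len(value)} chars)"


def scan_bundle(files):
    """Return (path, line_no, kind, redacted_value, env_var) for every hit."""
    findings = []
    for path, text in files.items():
        for line_no, line in enumerate(text.splitlines(), start=1):
            for kind, pattern, env_var in PATTERNS:
                for m in pattern.finditer(line):
                    value = m.group(1) if m.groups() else m.group(0)
                    findings.append((path, line_no, kind, redact(value), env_var))
    return findings


def assess(files):
    """Cross-check embedded credentials against the declared env vars."""
    declared = declared_env(files.get("SKILL.md", ""))
    findings = scan_bundle(files)
    problems = []
    for path, line_no, kind, shown, env_var in findings:
        where = f"{path}:{line_no} {kind} {shown}"
        if env_var is None:
            problems.append(f"{where}: concrete document link in bundle")
        elif env_var in declared:
            problems.append(f"{where}: embedded although {env_var} is declared")
        else:
            problems.append(f"{where}: embedded and {env_var} not declared in requires.env")
    verdict = "suspicious" if any(f[4] is not None for f in findings) else "ok"
    return verdict, sorted(declared), problems


if __name__ == "__main__":
    verdict, declared, problems = assess(SAMPLE_BUNDLE)
    print(f"verdict={verdict} declared={declared}")
    for p in problems:
        print(" -", p)
```

Run against the sample bundle the verdict is "suspicious" with an empty declared list and five findings (four credentials plus one document link); the same manifest rewritten as in CORRECTED_MANIFEST declares the three variables, so any remaining hits are reported as "embedded although declared", which is still a rotation case rather than a pass.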


latest: vk970e8xnfj22s9scyfhddt7p8583m6my
