扫描报告
5 /100
agent-factory
创建新的 OpenClaw Agent 并自动配置飞书机器人
Agent factory skill creates OpenClaw agents with Feishu bot binding. All capabilities (shell, filesystem, network) are declared and necessary for the documented functionality. No malicious indicators detected.
可以安装
No action required. Skill is safe to use as documented.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md: Uses openclaw CLI, clawhub, curl - all documented |
| 文件系统 | WRITE | WRITE | ✓ 一致 | SKILL.md: Creates ~/.openclaw/workspace-{name}/ files |
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md: Validates credentials via Feishu API https://open.feishu.cn |
1 项发现
中危 外部 URL 外部 URL
https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal SKILL.md:36 目录结构
2 文件 · 18.6 KB · 657 行 Markdown 1f · 652L
JSON 1f · 5L
├─
_meta.json
JSON
└─
SKILL.md
Markdown
安全亮点
✓ All shell commands are documented platform tools (openclaw, clawhub)
✓ Network calls limited to Feishu API for credential validation
✓ Atomic file writes with backup demonstrate good security practice
✓ No credential exfiltration - appSecret stored only in local config
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No base64/eval patterns or suspicious encoded payloads
✓ No external script downloads (curl|bash, wget|sh)