skills/wulaosiji/skills/daily-report/Gen Agent Trust Hub

daily-report

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [CREDENTIALS_UNSAFE]: In scripts/create_feishu_doc.py, the skill attempts to read sensitive files from the user's home directory, specifically ~/.openclaw/.env and ~/.claude/feishu-config.env, to retrieve FEISHU_APP_ID and FEISHU_APP_SECRET. Additionally, SKILL.md contains hardcoded node_token and space_id values for the target Feishu Wiki.
  • [COMMAND_EXECUTION]: The script scripts/create_feishu_doc.py uses subprocess.run to execute an external Python script located at ~/.agents/skills/feishu-doc-orchestrator/feishu-md-parser/scripts/md_parser.py. This creates a runtime dependency on unverified code outside the skill's own package.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted news data from web_search tools and interpolating it into report templates in scripts/generate.py.
      • Ingestion points: The news_data parameter in the generate_daily_report function in scripts/generate.py receives external web content.
      • Boundary markers: None are present; content is directly formatted into the V5_TEMPLATE string.
      • Capability inventory: The skill has the ability to write to the local file system and transmit data to external APIs via network requests.
      • Sanitization: There is no sanitization or validation of the input news content before it is included in the final report output.
  • [DATA_EXFILTRATION]: The skill transmits document content and authentication tokens to Feishu API endpoints (open.feishu.cn). While this is the intended functionality, it involves the outbound transfer of potentially sensitive user data to a third-party service.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 8, 2026, 02:24 AM