feishu-pdf-downloader

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
Findings: DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill presents an indirect prompt injection surface by downloading external content from Feishu tokens.
  • Ingestion points: scripts/download_feishu_pdf.py fetches file content from the Feishu API.
  • Boundary markers: Absent; there are no instructions for the agent to disregard potential embedded commands in the downloaded data.
  • Capability inventory: The skill has file system write capabilities via open().write and network access through the requests library.
  • Sanitization: Absent; the downloaded binary data is saved directly to the file system without inspection or filtering.
  • [DATA_EXFILTRATION]: The script reads authentication credentials from local configuration files (~/.openclaw/.env). While this is a standard method for managing API keys, it involves accessing sensitive environment files in the user's home directory.
  • [COMMAND_EXECUTION]: The script performs file system writes to a local file path provided as a command-line argument. It does not validate the output path, which theoretically allows writing to or overwriting arbitrary files if an unsafe path is supplied to the script.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 01:11 AM