Weekly Report Generator is an AI-based tool that automates weekly reports: it extracts information from local Git commit history, work descriptions and work screenshots, generates a high-quality, modular, business-oriented weekly report for a specified period (the current week by default), and sends it to Feishu automatically (scheduled sending can be configured). It takes the chore off your hands and turns writing the weekly report from "painful homework recollection" into "a one-sentence task". Core highlights: 1. One-click generation: one sentence, "按...
Security Analysis
high confidence
The skill's stated purpose (generate weekly reports and post to Feishu) matches the included scripts, but several behavioral and configuration inconsistencies raise significant concern, especially automatic scanning of local Git repositories and mandatory, unprompted sending to Feishu without declared credentials or explicit consent.
The skill's name and description (generate weekly reports and post to Feishu) align with the included scripts, which read git logs and call Feishu APIs. However, the SKILL metadata declares no required environment variables or config paths, while the scripts expect PROJECT_ROOT, APP_ID, APP_SECRET and RECEIVE_ID (and contain hardcoded paths such as /Users/ai/cline-skills). The zero-config claim in the prose ('zero configuration, scan all local folders') is misleading, because the scripts must be edited, or environment variables set, to point at the actual project paths and Feishu credentials.
Runtime instructions explicitly direct the agent to scan user-specified (or default) directories for all Git repositories, read git config (user.name/email), create files under /Users/ai/cline-skills, and then MUST immediately send the AI-optimized report to Feishu 'without any check or asking'. That combination means the skill will collect potentially sensitive local source history and push it externally without confirmation — scope creep and potential data exfiltration risk.
No external installers or remote downloads are present; the skill is instruction-plus-local-scripts (no install spec). This is lower risk from supply-chain perspective, but the bundled scripts will run shell/git/python commands on the host.
The scripts require Feishu credentials (APP_ID, APP_SECRET) and optionally PROJECT_ROOT, but the skill registry declares no required env vars or primary credential. Storing APP_SECRET directly in a script is discouraged (the docs remark that you should avoid committing it). The requested credentials are proportionate for Feishu integration, but failing to declare them in metadata and recommending in-script storage is a mismatch and increases risk.
The skill does not request 'always: true' and does not auto-install itself, but its documentation and scripts instruct users how to create system-level scheduled tasks (macOS launchd) to run periodically. The bigger concern is that the SKILL.md enforces 'must send without asking' — if the agent is allowed autonomous invocation, that combination raises exfiltration risk. The skill itself does not modify other skills or global agent config.
Guidance
This skill does roughly what it claims (collect git commits, format a report, post to Feishu) but has inconsistencies and risky behaviors you should address before installing:
- Review and edit the scripts before running them: change PROJECT_ROOT to a narrow path (not '/') and change WORK_DIR to a safe directory under your control.
- Do not place APP_SECRET in the script. Use environment variables or a secure secrets store and update send-to-feishu.sh to read them from env vars.
- The SKILL.md requires automatic sending to Feishu without confirmation; if you allow the agent to invoke skills autonomously, this can exfiltrate repository content. Require explicit user confirmation before any network send.
- Test the scripts locally on a safe sample repository first (check what gets included in the generated report and ensure the line/commit limits are acceptable).
- If you do not want periodic automatic runs, do not enable the provided launchd plist. Only enable scheduling after manual review.
Given these points, install only if you are comfortable auditing and running the scripts yourself and modifying them to require explicit confirmation and secure credential handling.
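The three hardening steps above (credentials from the environment, a narrow scan root, and a confirmation gate before anything leaves the machine) can be expressed as a few POSIX shell functions. The block below is an added example written for this review, not the skill's own send-to-feishu.sh. It uses the variable names the analysis says the scripts expect (APP_ID, APP_SECRET, RECEIVE_ID, PROJECT_ROOT); the FEISHU_SEND_CONFIRMED variable and the send_report_stub function are assumptions of this example, and the stub stands in for the real Feishu API call so the logic can be exercised offline.

```shell
#!/bin/sh
# Added example (not the skill's own script): read Feishu credentials from the
# environment, refuse an overly broad scan root, and gate the network send
# behind an explicit per-run confirmation. FEISHU_SEND_CONFIRMED and
# send_report_stub are assumptions of this example.

# Succeed only when every credential the send step needs is present in the
# environment; list the missing names on stderr otherwise.
check_feishu_env() {
    missing=""
    for name in APP_ID APP_SECRET RECEIVE_ID; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || missing="$missing $name"
    done
    if [ -n "$missing" ]; then
        echo "missing required environment variable(s):$missing" >&2
        return 1
    fi
    return 0
}

# Reject a PROJECT_ROOT that would sweep the whole filesystem or the home
# directory; the scan should cover only the repositories you mean to report on.
# Takes the root as its first argument, falling back to $PROJECT_ROOT.
check_project_root() {
    root="${1:-${PROJECT_ROOT:-}}"
    case "$root" in
        ""|"/"|"$HOME"|"$HOME/")
            echo "refusing to scan overly broad PROJECT_ROOT: '$root'" >&2
            return 1 ;;
    esac
    if [ ! -d "$root" ]; then
        echo "PROJECT_ROOT does not exist: $root" >&2
        return 1
    fi
    return 0
}

# Stand-in for the real Feishu API call: reports what would be sent and to whom
# without opening a network connection.
send_report_stub() {
    size=$(wc -c < "$1" | tr -d ' ')
    echo "would send $size bytes to receive_id=$RECEIVE_ID using app_id=$APP_ID"
}

# The report leaves the machine only when the operator set
# FEISHU_SEND_CONFIRMED=yes for this run. Otherwise print a preview on stderr
# and return 2 so a caller can tell "not confirmed" from "failed".
send_report_if_confirmed() {
    report_file="$1"
    if [ ! -f "$report_file" ]; then
        echo "no report at $report_file" >&2
        return 1
    fi
    if [ "${FEISHU_SEND_CONFIRMED:-no}" != "yes" ]; then
        echo "preview only (set FEISHU_SEND_CONFIRMED=yes to send):" >&2
        head -n 20 "$report_file" >&2
        return 2
    fi
    check_feishu_env || return 1
    send_report_stub "$report_file"
}

# Typical use from a wrapper script:
#   check_project_root "$PROJECT_ROOT" || exit 1
#   ... generate report.md ...
#   FEISHU_SEND_CONFIRMED=yes send_report_if_confirmed report.md
```

Keeping the confirmation as an environment variable that must be set for each run (rather than a flag stored in a config file) means a scheduled launchd job cannot silently inherit a one-time approval; the preview path also lets you inspect exactly which commit lines would be posted before enabling the send.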
Latest Release
v1.0.2
- Updated the description to highlight the core selling points: AI automation, one-click generation, zero-configuration use, and automatic pushing to Feishu
- Strengthened the "Main Features" section with a clearer list of feature points
- Improved readability and appeal, making the skill easier to understand and share
- Workflow, core commands and format requirements are unchanged
- Documentation wording only; no changes to functionality or process
Published by @prayone on ClawHub