The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a local Python script (scripts/report.py) to process logs. This is the primary intended function and is performed using standard libraries without suspicious flags.
[DATA_EXFILTRATION]: The skill collects token usage data and brief work summaries from agent logs (~/.openclaw) and memory files (~/clawd/memory). While this involves reading interaction history, it is consistent with the stated purpose of a 'Token Reporter'. The data is formatted for a Feishu Bitable and sent via the lark-mcp tool, which is a transparent reporting mechanism.
[CREDENTIALS_UNSAFE]: The skill requires a config.json file to store Feishu API identifiers (app_id, app_token). The provided config.example.json contains only placeholders, and the documentation correctly instructs the user to manage their own secrets locally, which is a standard and safe practice.
[INDIRECT_PROMPT_INJECTION]: The script reads untrusted content from session logs and memory files to generate summaries. However, it applies length limits (80 characters) and focuses on keyword matching ('完成', '发布', etc.), which limits the potential for malicious content to influence the reporting logic. The impact is restricted to the content written to the spreadsheet.

token-reporter