← 返回 Skills 市场
Resignation Check
作者
eggyrooch-blip
· GitHub ↗
· v0.5.0
· MIT-0
80
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install resignation-check
功能描述
对 Office 365 / Adobe 租户的用户做离职检查——通过飞书开放平台 API(app_id/app_secret)按邮箱核对通讯录,列出疑似离职账号并交互确认删除。USE WHEN 离职检查, 离职筛查, 清理离职, 离职账号, resignation check, 账户审计, 清户, 飞书核对,...
安全使用建议
This skill plausibly does what it says, but treat it as high-risk until you audit the code and limit privileges: 1) Do NOT run against production credentials. Create a test tenant or read-only accounts first. 2) Manually review the GitHub repo (https://github.com/eggyrooch-blip/office365-tools) before cloning—inspect install scripts, requirements, and any subprocess or network calls. 3) Ensure least-privilege: avoid granting User.ReadWrite.All / LicenseAssignment.ReadWrite.All unless deletions are intentionally needed; prefer read-only scopes during initial runs. 4) Do not store high-value secrets in plaintext .env on shared machines; use a secrets vault when possible. 5) Validate FEISHU_APP_ID/SECRET and Adobe creds scope; confirm SMTP use is necessary. 6) Confirm and back up account lists and policies before performing deletions; prefer generating reports and manual approval workflows. 7) Fix the metadata mismatch: ask the publisher why registry metadata omits required env vars. If you cannot verify the repo and code, do not install or run this skill.
功能分析
Type: OpenClaw Skill
Name: resignation-check
Version: 0.5.0
The skill automates user offboarding across Office 365, Adobe, and Feishu, requiring high-privilege administrative credentials (CLIENT_SECRET, FEISHU_APP_SECRET) and SMTP passwords. It is classified as suspicious because it mandates cloning and executing code from an external GitHub repository (eggyrooch-blip/office365-tools) and performs destructive account deletions. While the skill.md includes safety instructions like mandatory user confirmation (AskUserQuestion) and logic to avoid deleting system accounts, the reliance on external artifacts and the handling of multiple sensitive secrets represent a significant supply chain and security risk.
能力标签
能力评估
Purpose & Capability
Functionally the skill needs access to Office 365, Adobe, and Feishu to perform resignation checks and possible deletions — those capabilities match the described purpose. HOWEVER the registry metadata lists no required environment variables or primary credential while the SKILL.md declares many high-privilege env vars (Office/Entra client secret, Adobe credentials, Feishu app_id/secret, SMTP creds, default passwords). That metadata omission is an inconsistency that reduces trust and may hide required secrets.
Instruction Scope
The SKILL.md instructs the agent to clone and run an external repository (office365-tools), create and read a .env with many secrets, use specific local working directory paths, and perform destructive operations (account deletion after confirmation). It also tells the agent to fetch and parse CSVs and to query Feishu with app secrets. These instructions require reading/writing local files and handling sensitive secrets; they grant broad discretion (check repository docs, run CLI commands) and reference machine-specific paths (/Users/kite/Documents/office-usertools).
Install Mechanism
There is no formal install spec in the registry, but SKILL.md directs an explicit git clone of https://github.com/eggyrooch-blip/office365-tools and pip installing its requirements. Cloning and running third-party code from an unvetted GitHub repo is effectively installation and execution of external code; the repo owner and code are not verified here, and there is no checksum or pinned release. This is higher risk than a purely instruction-only skill.
Credentials
The skill requires multiple high-privilege credentials (Entra CLIENT_ID/CLIENT_SECRET with User.ReadWrite.All / LicenseAssignment.ReadWrite.All, Adobe service credentials, FEISHU_APP_ID/FEISHU_APP_SECRET, SMTP username/password, and default account password values). These are functionally relevant but are powerful and destructive if misused. The registry metadata failing to declare them amplifies the concern. The .env template also pushes storing default passwords and SMTP credentials which is sensitive.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide privileges in metadata. However it instructs creating files (a .env) and installing/running a local CLI in a specific directory, which will persist code and secrets on disk. The skill can perform destructive actions (delete accounts) when run, so operational controls and safe defaults are important.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install resignation-check - 安装完成后,直接呼叫该 Skill 的名称或使用
/resignation-check触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.5.0
加 GitHub 仓库指引:https://github.com/eggyrooch-blip/office365-tools
v0.4.0
env 模板内联到 skill.md(ClawHub 只发布 skill.md)
v0.3.0
env.example 随包发布(ClawHub 过滤 dotfile,改名无点)
v0.2.0
frontmatter 显式声明 required_env / optional_env / requires,加 Prerequisites 段,修复 registry 元数据告警
v0.1.0
初版:Office 365 + Adobe 用户离职筛查,飞书 open api (app_id/app_secret) 批量核对邮箱,交互确认删除
元数据
常见问题
Resignation Check 是什么?
对 Office 365 / Adobe 租户的用户做离职检查——通过飞书开放平台 API(app_id/app_secret)按邮箱核对通讯录,列出疑似离职账号并交互确认删除。USE WHEN 离职检查, 离职筛查, 清理离职, 离职账号, resignation check, 账户审计, 清户, 飞书核对,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 80 次。
如何安装 Resignation Check?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install resignation-check」即可一键安装,无需额外配置。
Resignation Check 是免费的吗?
是的,Resignation Check 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Resignation Check 支持哪些平台?
Resignation Check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Resignation Check?
由 eggyrooch-blip(@eggyrooch-blip)开发并维护,当前版本 v0.5.0。
推荐 Skills