Star Office

Star Office UI 一键化 Skill：帮主人快速部署像素办公室看板，支持多 Agent 加入、状态可视化、移动端查看与公网访问。

What to check before you install/run this Skill: - Environment variables: the skill metadata lists none, but SKILL.md and the backend expect ASSET_DRAWER_PASS (default 1234), FLASK_SECRET_KEY/STAR_OFFICE_SECRET, and optional GEMINI_API_KEY/GEMINI_MODEL. Treat GEMINI_API_KEY as sensitive and only add it if you need image-generation. - Default credentials: change ASSET_DRAWER_PASS (1234) and set a strong FLASK_SECRET_KEY before exposing the service. The backend will refuse to run in 'production' if secrets are weak, but when run locally the defaults are permissive. - Filesystem scope: the backend intentionally reads/writes files in parent directories (../memory and ../skills). Run this in an isolated directory, container, or VM so the service cannot accidentally read unrelated files from your home or system. - Network exposure: SKILL.md suggests using Cloudflare Tunnel to expose the UI publicly. Only do so after hardening secrets, and prefer using a reverse proxy or a controlled host. Verify join-keys and who can push agent status before making the site public. - Source origin: the SKILL.md still instructs to git clone the GitHub repo even though the skill bundle contains source files. Prefer using the included bundle (inspect it) rather than fetching remote code unless you trust the remote repository. - Prompt-injection scan hit: a pre-scan flagged a base64-like block. Inspect SKILL.md and the provided files for any encoded or obfuscated blocks before executing automated steps. - Run safely: first run in a disposable environment (container, VM) and perform the optional smoke_test (scripts/smoke_test.py) to validate behavior. Review backend/app.py, scripts/office-agent-push.py and any code that performs network calls to ensure endpoints and behavior are acceptable for your environment. If you need, I can list specific files to audit (e.g., backend/app.py, store_utils.py, any scripts that perform HTTP requests) or produce commands to run the service safely inside a container.

Type: OpenClaw Skill Name: star-office Version: 1.0.0 The skill bundle provides a pixel-art dashboard for AI agents but is classified as suspicious due to critical vulnerabilities in 'backend/app.py'. Specifically, the functions '_animated_to_spritesheet' and '_generate_rpg_background_to_webp' use 'os.system' and 'subprocess.run' with string formatting to execute shell commands (ffmpeg, ImageMagick, and python scripts). This pattern is highly susceptible to shell injection if asset filenames or prompt inputs are not strictly sanitized. Additionally, 'SKILL.md' instructs the AI agent to perform high-privilege operations such as 'git clone' and 'pip install' on the host system. While these behaviors are functionally aligned with the stated purpose of deploying a dashboard, the underlying code's lack of security hardening around shell execution poses a significant risk.