Feishu Calendar Intelligent Scheduler

Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The calendar-scheduling purpose is plausible, but the package bundles an unrelated ClawHub publishing tool with a hardcoded API token and file-upload behavior.

Do not run scripts/api_publisher.py, and treat the bundled ClawHub token as compromised. Before installing, review install.sh, remove unrelated developer scripts, confirm the Feishu permissions requested, and require previews before any bulk calendar changes or invitations.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the token is valid, anyone with the package could potentially authenticate to ClawHub as that account or publish using that identity.

Why it was flagged

The package contains a hardcoded ClawHub bearer token used for API authentication, which is unrelated to Feishu calendar scheduling and is not requested from the installing user.

Skill content

TOKEN = "clh_Sspe...T4DAZs"  # token provided by the user

Recommendation

Treat the token as compromised, rotate or revoke it, and remove all hardcoded credentials from the distributed skill.

What this means

If invoked, the helper could upload local source/config files to ClawHub, depending on where it is run.

Why it was flagged

An included helper recursively collects files from a directory and uploads them to the ClawHub skills API; this publishing function is not part of the stated calendar-scheduling purpose.

Skill content

parser.add_argument("--dir", default="..") ... for root, dirs, files in os.walk(skill_dir) ... response = requests.post(url, headers=headers, files=files, timeout=60)

Recommendation

Do not ship developer publishing tools in the runtime skill package; if publishing is needed, require explicit user-supplied credentials and a tightly scoped directory.

What this means

This is visible setup behavior, but it is under-declared by the provided install metadata and copies more than the scheduler runtime needs.

Why it was flagged

The user-directed installer installs an unpinned Python dependency, may fall back to privileged system package installation, and copies all scripts into the OpenClaw config directory.

Skill content

pip3 install pytz ... sudo apt-get install -y python3-pytz ... cp -r scripts/* "$CONFIG_DIR/"

Recommendation

Declare install requirements in metadata, pin dependencies where practical, avoid sudo fallbacks unless clearly required, and copy only runtime files.

What this means

Mistaken bulk actions could create, change, cancel, or invite people to meetings unintentionally.

Why it was flagged

The skill declares Feishu calendar tools and advertises bulk event modification plus automatic invitations, which are expected for the purpose but can affect other users' calendars.

Skill content

"requires": { "tools": ["feishu_calendar_event", "feishu_calendar_calendar"] } ... Bulk create, modify, and cancel meetings ... Automatically send meeting invitations

Recommendation

Require preview and explicit confirmation before bulk calendar changes or sending invitations, and use the least-privileged Feishu permissions available.

What this means

Users may grant permissions or purchase/try the skill expecting working bulk-management and reporting capabilities that are not actually implemented in the installed commands.

Why it was flagged

The package registers batch-management and report commands as placeholders, while the public description advertises those as product features.

Skill content

"calendar-batch": { ... "script": "echo '批量管理功能开发中...'" }, "calendar-report": { ... "script": "echo '报表功能开发中...'" }

Recommendation

Align SKILL.md/README claims with implemented functionality, or clearly label unfinished features before installation.

Note (High Confidence)

ASI10: Rogue Agents

What this means

Files and command registrations remain on the machine until manually removed.

Why it was flagged

The installer persists configuration and a skill symlink under ~/.openclaw. This is normal for installation, but users should notice that it remains after the setup step.

Skill content

CONFIG_DIR="$HOME/.openclaw/feishu-calendar-scheduler" ... cp -r scripts/* "$CONFIG_DIR/" ... ln -sf "$(pwd)" "$HOME/.openclaw/skills/feishu-calendar-scheduler"

Recommendation

Document uninstall steps and ensure cleanup removes only this skill's own files.