Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feishu Bot Creator
v1.0.0 · Feishu Bot Creator — Automate creation and configuration of Feishu bots, including app creation, permission configuration, webhook setup, etc.
⭐ 0 · 102 · 1 current · 1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill name, SKILL.md, and the bundled Python script all describe creating/configuring Feishu bots and the script's API calls match that purpose. However the registry metadata is inconsistent: it declares no required environment variables whereas SKILL.md and the script require FEISHU_APP_ID and FEISHU_APP_SECRET. The metadata also lists a required config path (~/.openclaw/openclaw.json) that is unrelated to the stated purpose and is not referenced by the script. Additionally, curl is declared as a required binary but the bundled script uses Python 'requests' and does not call curl. These mismatches are worth flagging.
Instruction Scope
The runtime instructions and script stay within the stated purpose: obtaining a Feishu tenant token, creating an app, setting permissions, creating a bot, and saving a config file. The instructions do ask users to set FEISHU_APP_ID/FEISHU_APP_SECRET and optionally FEISHU_API_BASE. The script writes credentials (app_secret) to a local file (~/.feishu/bots/<name>.json) in cleartext, which is expected for convenience but is sensitive — SKILL.md does mention keeping secrets safe. No unexpected network endpoints or exfiltration were found in the code.
Install Mechanism
There is no install spec (instruction-only plus a bundled script), so nothing will be downloaded or extracted during install. This is low installation risk. Note: the script imports 'requests' but there is no dependency declaration or install instruction for Python packages; the SKILL.md lists required binaries including curl (which is not used), so the manifest is inconsistent about dependencies.
Credentials
The environment variables the script actually needs (FEISHU_APP_ID, FEISHU_APP_SECRET, optional FEISHU_API_BASE) are proportional to the task. But the registry metadata lists no required env vars, creating an inconsistency. The skill also requests access to a config path (~/.openclaw/openclaw.json) that the script does not use; requiring that path is disproportionate and could imply unnecessary access to agent configuration. Also, the script persists app_secret to an unencrypted local file — functionally reasonable but sensitive; users should be informed and store secrets securely where appropriate.
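The three metadata mismatches the scan reports (undeclared env vars, an unused declared binary, an unrelated config path, plus the undeclared Python dependency noted under Install Mechanism) can be found mechanically rather than by eye. The following is an added example, not code from the ClawHub page or from the Feishu Bot Creator skill: it parses a constructed stand-in for the bundled script (SCRIPT_SRC, shaped after the scan's description) with Python's ast module, collects what the script actually reads, imports and executes, and diffs that against a constructed stand-in for the registry metadata (MANIFEST, whose field names are assumptions, not the registry's real schema).

```python
"""Check a skill's registry manifest against what its bundled script actually does.

Added example; not code from the ClawHub page or the Feishu Bot Creator skill.
SCRIPT_SRC and MANIFEST are constructed stand-ins shaped after the scan's
description; the MANIFEST field names are assumptions, not the registry schema.
"""
import ast
import os
import sys

SCRIPT_SRC = '''
import os, json, requests

API_BASE = os.environ.get("FEISHU_API_BASE", "https://open.feishu.cn")
APP_ID = os.environ["FEISHU_APP_ID"]
APP_SECRET = os.environ["FEISHU_APP_SECRET"]

def tenant_token():
    r = requests.post(API_BASE + "/open-apis/auth/v3/tenant_access_token/internal",
                      json={"app_id": APP_ID, "app_secret": APP_SECRET})
    return r.json()["tenant_access_token"]

def save(name, cfg):
    path = os.path.expanduser("~/.feishu/bots/" + name + ".json")
    with open(path, "w") as f:
        json.dump(cfg, f)
'''

MANIFEST = {
    "env": [],                                # declares no env vars
    "bins": ["python3", "curl"],              # curl declared but never invoked
    "config": ["~/.openclaw/openclaw.json"],  # path the script never touches
    "python_deps": [],                        # no dependency declaration
}

# sys.stdlib_module_names exists on Python 3.10+; the fallback covers the imports used here.
STDLIB = set(getattr(sys, "stdlib_module_names", ())) or {"os", "sys", "json", "subprocess"}


def _const_str(node):
    """Return the value of a string-literal node, else None."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def analyze_script(src: str) -> dict:
    """Collect env vars read, modules imported, binaries executed and string literals."""
    tree = ast.parse(src)
    env, imports, bins, strings = set(), set(), set(), set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            strings.add(node.value)
        # os.environ["X"]
        if isinstance(node, ast.Subscript) and ast.unparse(node.value) == "os.environ":
            key = _const_str(node.slice)
            if key:
                env.add(key)
        elif isinstance(node, ast.Call):
            callee = ast.unparse(node.func)
            first = node.args[0] if node.args else None
            # os.environ.get("X") / os.getenv("X")
            if callee in ("os.environ.get", "os.getenv") and _const_str(first):
                env.add(_const_str(first))
            # subprocess.run(["curl", ...]) / subprocess.call("curl ...") / os.system("curl ...")
            elif callee.startswith("subprocess.") or callee == "os.system":
                if isinstance(first, ast.List) and first.elts:
                    first = first.elts[0]
                binary = _const_str(first)
                parts = binary.split() if binary else []
                if parts:
                    bins.add(parts[0])
        elif isinstance(node, ast.Import):
            imports.update(alias.name.split(".")[0] for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module.split(".")[0])
    return {"env": env, "imports": imports, "bins": bins, "strings": strings}


def check_manifest(manifest: dict, src: str) -> dict:
    """Report every declared/observed mismatch; empty lists mean the manifest is consistent."""
    facts = analyze_script(src)
    third_party = {m for m in facts["imports"] if m not in STDLIB}

    def referenced(path: str) -> bool:
        # Heuristic: a config path counts as used if the script mentions it or its file name.
        base = os.path.basename(path)
        return any(path in s or base in s for s in facts["strings"])

    return {
        "undeclared_env": sorted(facts["env"] - set(manifest["env"])),
        # python3 is the interpreter, not something the script would call out to
        "unused_bins": sorted(set(manifest["bins"]) - facts["bins"] - {"python3"}),
        "unused_config": sorted(p for p in manifest["config"] if not referenced(p)),
        "undeclared_deps": sorted(third_party - set(manifest["python_deps"])),
    }


if __name__ == "__main__":
    for finding, items in check_manifest(MANIFEST, SCRIPT_SRC).items():
        print(f"{finding}: {items or 'none'}")
```

Run against the stand-ins it reports exactly what the scan flags: FEISHU_API_BASE, FEISHU_APP_ID and FEISHU_APP_SECRET read but undeclared, curl declared but never executed, ~/.openclaw/openclaw.json required but never referenced, and requests imported with no dependency declared. The binary check only sees literal command names passed to subprocess or os.system, so a script that shells out through a variable would need a manual look.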
Persistence & Privilege
The skill does not request 'always: true' and uses default invocation settings (user-invocable, model-invocation allowed), which is normal. There is no code that modifies other skills or global agent settings. The only persistence is writing the bot config (including secret) to the user's home directory — expected behavior for this tool but sensitive.
What to consider before installing
The Python script itself appears to implement Feishu app/bot creation and is consistent with the skill's stated purpose. However before installing or using this skill:
- Do not assume the registry metadata is correct: the script requires FEISHU_APP_ID and FEISHU_APP_SECRET (and optionally FEISHU_API_BASE) but the manifest lists no env vars. Provide those credentials only when you trust the code and environment.
- The manifest's required config path (~/.openclaw/openclaw.json) is unrelated to this tool and should be removed or explained by the publisher; avoid granting extra config access unless needed.
- The script saves app_secret in cleartext under ~/.feishu/bots/<name>.json. If you use real credentials, ensure that path is private, excluded from version control, or consider modifying the script to store secrets encrypted or use a secret manager.
- The SKILL.md declares 'curl' as required but the script uses Python 'requests' — ensure you have the correct Python dependencies (install 'requests') rather than relying on curl.
- Because the package is instruction-only and from an unknown source, consider running it in an isolated environment (local VM or container) and review the code yourself. If you are uncertain, ask the publisher to: (1) fix the manifest metadata to declare the required env vars and remove the unrelated config path, (2) add dependency instructions for Python packages, and (3) avoid writing secrets to disk by default, or document the storage location clearly.
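The change the review asks for on the secret-at-rest point (keep app_secret out of ~/.feishu/bots/<name>.json, make the file private, and detect configs that still carry a cleartext secret) looks like the following. This is an added example, not code from the skill: the secret is resolved from FEISHU_APP_SECRET at use time via a secret_source field (my own convention, an assumption), the file is created with mode 0600, and an audit pass flags existing configs that still hold a secret or are readable by other users. The directory is parameterised so the demo runs against a temporary directory, and the legacy config it inspects is constructed.

```python
"""Keep app_secret out of the on-disk bot config, and audit existing configs.

Added example, not code from the Feishu Bot Creator skill. The secret_source
field is an assumed convention for this example, not part of the skill.
"""
import json
import os
import stat
import tempfile
from pathlib import Path

# Keys that must never be persisted in cleartext.
SECRET_KEYS = {"app_secret", "secret", "token", "webhook_secret"}


def save_bot_config(base_dir: Path, name: str, cfg: dict) -> Path:
    """Persist the config with secret-bearing keys stripped, as a 0600 file in a 0700 dir."""
    if "/" in name or name in ("", ".", ".."):
        raise ValueError("bot name must be a plain file name")
    base_dir.mkdir(parents=True, exist_ok=True)
    base_dir.chmod(0o700)
    safe = {k: v for k, v in cfg.items() if k not in SECRET_KEYS}
    safe["secret_source"] = "env:FEISHU_APP_SECRET"  # tell the loader where the secret lives
    path = base_dir / f"{name}.json"
    # Create with the restrictive mode from the start rather than chmod after writing.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump(safe, f, indent=2)
    os.chmod(path, 0o600)  # in case the file pre-existed with a looser mode
    return path


def load_bot_config(path: Path, environ=os.environ) -> dict:
    """Load the config and re-attach the secret from the environment; refuse if absent."""
    cfg = json.loads(path.read_text())
    src = cfg.get("secret_source", "")
    if src.startswith("env:"):
        var = src[4:]
        if var not in environ:
            raise RuntimeError(f"{var} is not set; refusing to run without the app secret")
        cfg["app_secret"] = environ[var]
    return cfg


def audit_bot_configs(base_dir: Path) -> list:
    """Return (file, finding) pairs for cleartext secrets or group/other-readable files."""
    findings = []
    for path in sorted(base_dir.glob("*.json")):
        mode = stat.S_IMODE(path.stat().st_mode)
        if mode & 0o077:
            findings.append((path.name, f"mode {mode:04o} readable by group/others"))
        try:
            data = json.loads(path.read_text())
        except json.JSONDecodeError:
            findings.append((path.name, "not valid JSON"))
            continue
        if not isinstance(data, dict):
            continue
        for key in sorted(SECRET_KEYS & set(data)):
            if data[key]:
                findings.append((path.name, f"cleartext {key} stored on disk"))
    return findings


def demo() -> dict:
    """Run the scenario in a temp dir and return the observable results."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / ".feishu" / "bots"
        base.mkdir(parents=True)
        # Constructed: what the unmodified script would have left behind.
        legacy = base / "legacy-bot.json"
        legacy.write_text(json.dumps({"app_id": "cli_x", "app_secret": "s3cr3t"}))
        legacy.chmod(0o644)
        # Hardened write for a new bot; the secret never reaches the file.
        new_path = save_bot_config(base, "ops-bot", {"app_id": "cli_y", "app_secret": "s3cr3t"})
        on_disk = json.loads(new_path.read_text())
        loaded = load_bot_config(new_path, environ={"FEISHU_APP_SECRET": "s3cr3t"})
        try:
            load_bot_config(new_path, environ={})
            refused = False
        except RuntimeError:
            refused = True
        return {
            "secret_on_disk": "app_secret" in on_disk,
            "new_mode": stat.S_IMODE(new_path.stat().st_mode),
            "loaded_secret": loaded["app_secret"],
            "refused_without_env": refused,
            "findings": audit_bot_configs(base),
        }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The audit reports the constructed legacy file twice (world-readable mode and a cleartext app_secret) and nothing for the hardened file. Swapping the env lookup for a keyring or secret-manager call only changes load_bot_config; the on-disk format stays secret-free either way.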
latest: vk971hcwehp0myv98yv17xdqtr183aqm4
Runtime requirements
🤖 Clawdis
Bins: python3, curl
Config: ~/.openclaw/openclaw.json
