Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Media

v1.1.1

Feishu media file sending skill. Use cases: sending files, images, URL images, videos, audio, and voice messages, as well as packaging and compressing files before sending. Activate this skill when the user asks to send any type of media file in Feishu.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The name and description (Feishu media sending) align with the runtime instructions (sending files, images, audio, video via Feishu APIs). However, the instructions require a Feishu app_id/app_secret to obtain a tenant_access_token and require ffmpeg/ffprobe for audio conversion — none of these are declared in the skill metadata (no required env vars, no required binaries). This mismatch is disproportionate to the declared metadata and is an incoherence.
Instruction Scope (flagged)
The SKILL.md stays within the domain of sending media to Feishu and uses only Feishu API endpoints. However, it instructs the agent to run shell commands (exec+curl), to read local file paths, and to accept app_id/app_secret (used to fetch tenant_access_token). Those instructions reference credentials and local tools not declared by the skill, which expands the agent's scope unexpectedly. The instructions do not describe safe handling/storage of the credentials.
Install Mechanism
No install spec and no code files are present (instruction-only). This limits the skill's disk footprint and attack surface since nothing is automatically downloaded or executed beyond what the agent runs at runtime.
Credentials (flagged)
The SKILL.md requires app_id/app_secret (to get tenant_access_token) and local binaries (ffmpeg/ffprobe) for proper operation, but the declared metadata lists no required environment variables or binaries. Requiring API credentials and local tools is reasonable for the feature, but failing to declare them is a red flag: users won't be warned up-front and may be prompted to enter sensitive credentials at runtime without clear provenance.
Persistence & Privilege
The skill does not request persistent installation (always:false), does not modify other skills, and has no install steps that change system or agent configuration. Autonomous invocation is allowed by default but is not in itself excessive here.
What to consider before installing
This skill appears to implement Feishu media-sending correctly, but the SKILL.md requires Feishu app credentials (app_id/app_secret to obtain tenant_access_token) and local tools (ffmpeg/ffprobe) while the metadata declares none — that mismatch is the main concern. Before installing or using this skill: (1) verify the skill author/source and prefer skills that declare required env vars/binaries in metadata; (2) only provide a Feishu app_id/app_secret scoped to a test/non-production app with the minimal permissions (im:message, im:resource) and rotate/revoke after testing; (3) ensure ffmpeg/ffprobe are installed from trusted packages if needed; (4) inspect any exec+curl commands to confirm they target official open.feishu.cn endpoints and not an attacker-controlled host; (5) if you cannot verify the author, avoid entering real credentials — ask the author to update metadata to list required env vars and required binaries and to provide guidance for secure credential handling.


