v1.1.1

Feishu Media

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

The skill's behaviour matches its stated purpose (sending media into Feishu), but it relies on direct Feishu API calls issued from the shell, a Feishu app secret, and uploads of local files. Users should review those three points carefully before installing.

Guidance: Install only if you are comfortable letting the agent send selected local files into Feishu. Before use, confirm the recipient and file path, provide Feishu credentials only through a secure secret mechanism, and avoid the direct curl video workflow unless you understand the app permissions being used.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Video sending: the OpenClaw Feishu channel's `filePath` does not support local video; the file must be uploaded via exec+curl and then sent.

The skill directs the agent to use raw shell/curl API calls instead of the normal message tool for video upload and sending. This is related to the purpose, but it is a broad escape-hatch workflow with no explicit approval, recipient, or file-scope guardrails.

User impact: If the wrong file, recipient, or token is used, the agent could upload private media and send it into Feishu under the app's authority.
Recommendation: Confirm the exact file path, recipient, and message before any send; prefer a scoped Feishu tool/API wrapper with approval prompts; document the required tool capability clearly.
Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
SKILL.md
ffmpeg -i input.mp3 -ar 16000 -ac 1 -acodec libopus output.ogg -y

The skill documents local command execution for audio conversion (the trailing `-y` makes ffmpeg overwrite an existing output file without prompting), and also includes zip/tar examples for packaging. These commands are purpose-aligned, but depending on the paths supplied they can read files the user did not intend to share or overwrite existing files.

User impact: Running the examples with incorrect paths could overwrite an output file or package unintended files for sending.
Recommendation: Review input and output paths before running conversion or archive commands, and avoid overwriting files unless the user explicitly agrees.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
_meta.json
"ownerId": "kn7544sk6j5fvgm8jwnbjb8vz981qby0", "slug": "feishu-media", "version": "1.1.0"

The packaged _meta.json (version 1.1.0) differs from the registry metadata shown for this evaluation (v1.1.1), which also lists a different owner ID and slug. No executable code is bundled, so this is a provenance note rather than evidence of malicious behavior.

User impact: Users may not be looking at metadata that exactly matches the advertised registry package identity/version.
Recommendation: Publisher should align _meta.json with the registry entry and provide a clear source/homepage or changelog.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Obtain a tenant_access_token (requires the Feishu app's appId and appSecret) ... The Feishu app needs the `im:message` and `im:resource` permissions.

The skill requires Feishu app credentials and message/resource permissions, while the registry metadata declares no primary credential or environment variables. These credentials can grant delegated authority to upload resources and send messages.

User impact: A Feishu app secret or tenant token could be misused to send messages or upload resources in the associated Feishu tenant.
Recommendation: Declare the credential requirement and scopes in metadata, store secrets through a secure credential mechanism rather than inline shell commands, and use the least-privileged Feishu app permissions.
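The three concerns above (an unguarded exec+curl escape hatch, ffmpeg/zip/tar paths that can read or clobber arbitrary files, and an app secret handled inline in shell commands) all point at the same fix: a small wrapper that checks file scope, recipient and credential handling before any command runs. The script below is an added example written for this review; it is not code from the Feishu Media skill, from OpenClaw or from ClawScan. Everything it enforces is an assumption the skill does not define: credentials come only from the FEISHU_APP_ID and FEISHU_APP_SECRET environment variables, recipients must appear in a FEISHU_ALLOWED_RECIPIENTS allowlist, media must live under FEISHU_MEDIA_ROOT, FEISHU_ALLOW_OVERWRITE=1 is required before an existing output file may be replaced, and FEISHU_DRY_RUN=1 prints instead of executing. The Feishu endpoints and message types follow the Feishu Open Platform documentation as the editor recalls it and should be verified against the current docs before use.

```shell
#!/bin/sh
# Added example (editor-written, not code from the Feishu Media skill, OpenClaw or ClawScan):
# a guarded wrapper for the skill's raw exec+curl media workflow. Assumed conventions, none of
# which the skill defines: credentials come only from FEISHU_APP_ID / FEISHU_APP_SECRET in the
# environment, recipients must appear in FEISHU_ALLOWED_RECIPIENTS, media must live under
# FEISHU_MEDIA_ROOT, FEISHU_ALLOW_OVERWRITE=1 permits clobbering, and FEISHU_DRY_RUN=1 prints
# instead of calling ffmpeg or the API. Endpoints follow the Feishu Open Platform docs as the
# editor recalls them (tenant_access_token, im/v1/files, im/v1/messages); verify before use.

FEISHU_API="${FEISHU_API:-https://open.feishu.cn/open-apis}"

# Resolve the media root with directory symlinks followed; fail if it is unset or missing.
media_root() {
    [ -n "${FEISHU_MEDIA_ROOT:-}" ] || return 1
    (cd "$FEISHU_MEDIA_ROOT" 2>/dev/null && pwd -P)
}

# Input guard: a regular file, not a symlink, whose canonical directory sits under the root.
# Blocks "../" escapes and symlinks that point at files outside the root.
check_media_path() {
    root=$(media_root) || return 1
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    dir=$(cd "$(dirname "$1")" 2>/dev/null && pwd -P) || return 1
    case "$dir/" in "$root"/*) return 0 ;; *) return 1 ;; esac
}

# Output guard: same root check, and no overwriting unless the user opted in explicitly.
check_output_path() {
    root=$(media_root) || return 1
    dir=$(cd "$(dirname "$1")" 2>/dev/null && pwd -P) || return 1
    case "$dir/" in "$root"/*) ;; *) return 1 ;; esac
    [ ! -e "$1" ] || [ "${FEISHU_ALLOW_OVERWRITE:-0}" = 1 ]
}

# Recipient guard: exact match against a space-separated allowlist of open_ids.
check_recipient() {
    [ -n "$1" ] || return 1
    for id in ${FEISHU_ALLOWED_RECIPIENTS:-}; do
        [ "$id" = "$1" ] && return 0
    done
    return 1
}

# Execute a command, or print it when dry-running. No secret is ever passed as an argument.
run() {
    if [ "${FEISHU_DRY_RUN:-0}" = 1 ]; then
        printf 'DRY-RUN:'; printf ' %s' "$@"; printf '\n'; return 0
    fi
    "$@"
}

# The skill's ffmpeg conversion, but with -n (refuse to overwrite) unless overwriting was allowed.
convert_audio() {
    check_media_path "$1" || { echo "refused input: $1" >&2; return 1; }
    check_output_path "$2" || { echo "refused output: $2" >&2; return 1; }
    if [ "${FEISHU_ALLOW_OVERWRITE:-0}" = 1 ]; then ow=-y; else ow=-n; fi
    run ffmpeg "$ow" -i "$1" -ar 16000 -ac 1 -acodec libopus "$2"
}

# send_media FILE RECIPIENT_OPEN_ID FILE_TYPE: token -> upload -> message, each step gated.
send_media() {
    [ -n "${FEISHU_APP_ID:-}" ] && [ -n "${FEISHU_APP_SECRET:-}" ] || { echo "no credentials in env" >&2; return 1; }
    check_media_path "$1" || { echo "refused file: $1" >&2; return 1; }
    check_recipient "$2" || { echo "refused recipient: $2" >&2; return 1; }
    case "$3" in mp4) msg_type=media ;; opus) msg_type=audio ;; pdf|doc|xls|ppt|stream) msg_type=file ;;
        *) echo "unsupported file_type: $3" >&2; return 1 ;; esac
    if [ "${FEISHU_DRY_RUN:-0}" = 1 ]; then
        echo "DRY-RUN: would upload $1 as $3 and send a $msg_type message to $2"; return 0
    fi
    # The app secret travels on stdin (--data-binary @-), not on a command line visible in ps.
    token=$(printf '{"app_id":"%s","app_secret":"%s"}' "$FEISHU_APP_ID" "$FEISHU_APP_SECRET" |
        curl -sS -X POST "$FEISHU_API/auth/v3/tenant_access_token/internal" \
            -H 'Content-Type: application/json' --data-binary @- |
        sed -n 's/.*"tenant_access_token":"\([^"]*\)".*/\1/p')
    [ -n "$token" ] || { echo "token request failed" >&2; return 1; }
    file_key=$(curl -sS -X POST "$FEISHU_API/im/v1/files" -H "Authorization: Bearer $token" \
            -F "file_type=$3" -F "file_name=$(basename "$1")" -F "file=@$1" |
        sed -n 's/.*"file_key":"\([^"]*\)".*/\1/p')
    [ -n "$file_key" ] || { echo "upload failed" >&2; return 1; }
    printf '{"receive_id":"%s","msg_type":"%s","content":"{\\"file_key\\":\\"%s\\"}"}' "$2" "$msg_type" "$file_key" |
        curl -sS -X POST "$FEISHU_API/im/v1/messages?receive_id_type=open_id" \
            -H "Authorization: Bearer $token" -H 'Content-Type: application/json' --data-binary @-
}

# Usage: ./feishu_guard.sh convert in.mp3 out.ogg  |  ./feishu_guard.sh send clip.mp4 ou_xxx mp4
case "${1:-}" in
    convert) convert_audio "$2" "$3" ;;
    send)    send_media "$2" "$3" "${4:-mp4}" ;;
esac
```

The path checks canonicalise the directory with `pwd -P` and reject symlinked files outright, so `../` and symlink escapes out of the media root both fail; the output check is what stops the skill's `ffmpeg ... -y` from silently replacing a file the user did not mean to lose. The approval prompt the finding asks for belongs in the agent harness rather than in this script, but the allowlist and the dry-run mode give the harness something concrete to show the user before the real send runs.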