Feishu Bridge
Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a coherent Feishu/Lark-to-Clawdbot bridge, with disclosed credential use, chat forwarding, automatic replies, and optional macOS auto-restart behavior.
Before installing, confirm you are comfortable letting the configured Feishu bot forward chat messages to your Clawdbot agent and post replies back. Protect the Feishu App Secret and Clawdbot config, restrict bot access to intended users or groups, and unload the launchd service when you do not want the bridge running.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone able to message the configured Feishu bot may cause messages to be sent to the configured Clawdbot agent, using the local gateway token.
The bridge reads the Feishu bot secret and the local Clawdbot gateway token, then authenticates to the gateway with read/write operator scopes. This is purpose-aligned for a messaging bridge, but it is sensitive delegated access.
const APP_SECRET = mustRead(APP_SECRET_PATH, 'Feishu App Secret'); ... const GATEWAY_TOKEN = clawdConfig?.gateway?.auth?.token; ... scopes: ['operator.read', 'operator.write'], auth: { token: GATEWAY_TOKEN }
Use a dedicated Feishu app, protect the secret file, restrict who can access or invite the bot, and ensure the Clawdbot agent has only the permissions you intend to expose through Feishu.
Prior messages in a Feishu chat may influence later agent responses for that same chat session.
Messages from the same Feishu chat are tied to a reused Clawdbot session key, which is expected for conversational continuity but can carry context across later messages in that chat.
Each Feishu chat maps to a Clawdbot session (`feishu:<chatId>`)
Avoid routing highly sensitive group discussions unless shared session context is acceptable, and reset or separate sessions if different users or topics should not share context.
The bot can send AI-generated replies into Feishu direct messages or group chats without a separate approval step for each reply.
The bridge automatically posts the Clawdbot agent's reply back into the Feishu chat. This matches the bridge purpose and is disclosed, but it is still automated third-party message posting.
await client.im.v1.message.create({ ... data: { receive_id: chatId, msg_type: 'text', content: JSON.stringify({ text: reply }) } });
Add the bot only to intended chats, review the group-response rules, and consider adding allowlists if only certain chats or users should be able to trigger replies.
Once loaded, the bridge may continue running in the background and reconnecting to Feishu until the LaunchAgent is unloaded.
The setup script creates a launchd service that starts at login/load time and restarts if it exits. This persistence is optional and documented, not hidden.
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
Use the provided launchctl unload command when you no longer want the bridge running, and periodically check the LaunchAgent and log files.
Future installs could receive newer dependency versions than the author tested.
The skill instructs users to run npm install and uses range-based dependency versions. This is normal for a Node integration, but dependency resolution is not pinned in the provided artifacts.
"dependencies": { "@larksuiteoapi/node-sdk": "^1.56.1", "ws": "^8.18.0" }
Review dependencies before installing, use a lockfile or pinned versions for production use, and install from a trusted package registry.
