Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feishu Doc Reader
v0.1.2
Read and extract content from all Feishu (Lark) document types using the official Feishu Open API
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The Python and shell scripts implement Feishu Open API calls and clearly match the described purpose of reading Feishu (Lark) documents. However, the skill metadata in the registry declares no required credentials or binaries while the SKILL.md and scripts require Python (python3) and an app_id/app_secret (either in ./reference/feishu_config.json or FEISHU_APP_ID / FEISHU_APP_SECRET). The missing declaration of required credentials/binaries in registry metadata is an inconsistency.
Instruction Scope
SKILL.md and the included scripts limit their actions to loading credentials from a local config file or environment variables and calling official Feishu API endpoints (open.feishu.cn). The instructions do not instruct the agent to read arbitrary unrelated files or call external endpoints beyond Feishu. One minor scope mismatch: documentation states 'credentials never appear in logs', but the provided test_auth.py prints a truncated tenant_access_token, which contradicts that claim and could leak sensitive info if run carelessly.
Install Mechanism
There is no install spec (instruction-only in registry), and the repository provides Python scripts and shell wrappers that are intended to be executed directly. No remote downloads, obscure URLs, or archive extraction steps are present. Running the included scripts will execute local code, so standard caution about running third-party scripts applies.
Credentials
The code legitimately needs Feishu app credentials (app_id and app_secret). The registry metadata claims no required environment variables or primary credential, which is incorrect and reduces transparency. Sensitive values (app_secret / tenant_access_token) are used at runtime; while main scripts avoid printing them, the test helper script (test_auth.py) prints a truncated tenant token and some docs mention DEBUG logging—these could lead to accidental exposure if used without care. The required credentials are proportionate to the skill's purpose, but the omission from metadata is a red flag.
Persistence & Privilege
The skill does not request always: true, does not modify other skills' configurations, and does not attempt system-wide persistence. It only reads local config files or environment variables and makes network calls to Feishu APIs.
What to consider before installing
This skill appears to implement what it claims (reading Feishu/Lark documents via the official API) and only needs a Feishu app_id and app_secret. Before installing:
(1) Don't rely on the registry metadata: create ./reference/feishu_config.json or set FEISHU_APP_ID and FEISHU_APP_SECRET, and protect the config file (chmod 600).
(2) Inspect test_auth.py and avoid running it in production, because it prints a truncated token (could leak); similarly avoid enabling debug logs that might reveal secrets.
(3) Confirm you trust the source; the package has no remote install steps but will execute local Python/shell scripts.
(4) Ask the publisher to correct the registry metadata to list required credentials and binaries so automated vetting and permission reviews are accurate.