Personal Crm
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a coherent Feishu/Lark-based personal CRM, but it handles private relationship data, cloud credentials, and optional proactive reminders.
Install this only if you are comfortable storing relationship notes, birthdays, contact details, and interaction history in Feishu/Lark Bitable. Use a dedicated Bitable and scoped Feishu app credentials, review automatically saved entries, keep reminder channels private, and only enable contact import or the daily cron job when you explicitly want those features.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill must trust it with Feishu/Lark Bitable access for personal CRM data.
The skill requires Feishu/Lark application credentials and Bitable identifiers so it can create, read, and write CRM data. This is expected for the stated integration but grants meaningful cloud-account authority.
"appId": "your_feishu_app_id", "appSecret": "your_feishu_app_secret" ... "app_token": "YOUR_BITABLE_APP_TOKEN"
Use a dedicated Feishu/Lark app and Bitable for this CRM, grant the minimum required scopes, and do not reuse broad workspace credentials if avoidable.
Private details about contacts, birthdays, preferences, and interactions may be saved to Feishu/Lark without a separate per-item confirmation.
The skill intentionally turns conversational context into persistent CRM memory. That is central to the product, but ambiguous or sensitive statements could be stored and reused later.
Mention someone in conversation and it automatically records the interaction. No need to say "save this."
Tell the agent when not to save something, periodically review the Bitable records, and consider requiring confirmation before saving sensitive relationship details.
If enabled, the agent may send daily messages containing relationship reminders or contact-related information.
The setup guide documents an optional persistent scheduled agent task for daily reminders and message sending. It is disclosed and user-created, not hidden.
openclaw cron add ... --cron "0 9 * * *" ... --message 'Check Personal CRM for birthday/anniversary reminders and overdue contacts. Send results via message tool to the configured channel.'
Only enable the cron job if you want proactive reminders, use a private delivery channel, and disable the job if the reminders are no longer needed.
A user might incorrectly assume the CRM data is fully local rather than stored in a Feishu/Lark cloud workspace.
The skill discloses Feishu/Lark storage, but the phrase "nothing is stored externally" could understate that Feishu/Lark is still a third-party cloud service.
All data lives in your own Feishu/Lark Bitable — nothing is stored externally. You own your data.
Treat Feishu/Lark as the storage provider, review its sharing and privacy settings, and avoid saving information you would not want in that cloud account.