feishu-chat-forwarder

v1.0.3

Fetch recent messages from a Feishu group chat and forward them as a merged message to a specified user or chat.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code implements exactly what the description says (listing messages and calling Feishu merge_forward). However the runtime requires FEISHU_APP_ID and FEISHU_APP_SECRET (loaded via dotenv) even though the registry metadata declares no required env vars or primary credential. This is an incoherence: the skill needs cloud credentials but does not declare them.
Instruction Scope
SKILL.md documents running node skills/chat-forwarder/index.js but does not mention that the script will load environment variables from ../../.env or that it will write a token cache to ../../memory/feishu_token.json. The code therefore reads/writes files outside the skill folder (potentially shared locations) and persists a tenant access token — behavior not described in the instructions.
Install Mechanism
There is no install spec (instruction-only), but the skill includes Node code and a package.json. SKILL.md shows running node, yet the registry lists 'required binaries: none'. The code also calls require('dotenv') but dotenv is not listed in package.json dependencies, so the packaged code will fail unless the runtime already has that module. These manifest and dependency mismatches are sloppy and can lead to unexpected runtime errors or hidden installation steps.
Credentials
Sensitive environment variables (FEISHU_APP_ID, FEISHU_APP_SECRET) are used but not declared in requires.env or primary credential. The code will read ../../.env (relative path) which may expose other env settings, and it persists a tenant token to ../../memory/feishu_token.json — creating stored credentials that may be accessible to other processes or skills. Requesting and persisting these secrets without explicit declaration is disproportionate and risky.
Persistence & Privilege
The skill is not set to always:true, but it writes a token cache to a '../../memory' path relative to the skill. That location looks like it could be shared across skills or the agent runtime, increasing persistence and cross-skill access risk. The skill does not modify other skills' configs, but its persistent token storage and outward network calls expand its blast radius beyond a single ephemeral invocation.
What to consider before installing
Before installing, be aware that this skill calls Feishu APIs and requires FEISHU_APP_ID and FEISHU_APP_SECRET even though the registry doesn't declare them. It looks for a ../../.env file and will write a token cache to ../../memory/feishu_token.json; verify where those paths point in your environment (they may be shared). Also note that package.json is missing the dotenv dependency and the registry metadata doesn't list Node/npm as required, so you'll need to ensure Node and the correct dependencies are installed.

If you plan to use it:
(1) only provide Feishu credentials you trust and consider using a service account with limited scope;
(2) run the skill in an isolated/containerized environment so the token file cannot be read by other processes;
(3) inspect or modify the code to (a) declare required env vars in the manifest, (b) avoid using ../../ paths or use a configurable, private cache location, and (c) add dotenv to dependencies or explicitly document installation steps.

If the author cannot justify these mismatches, treat this skill as untrusted and avoid supplying real credentials.

Like a lobster shell, security has layers — review code before you run it.
