Feishu Calendar Advanced
PassAudited by ClawScan on May 10, 2026.
Overview
This skill is a straightforward Feishu calendar helper, but it relies on an external CLI and OAuth access that can create or delete calendar events.
Before installing, make sure you trust the external @teamclaw/feishu-agent CLI and are comfortable granting Feishu calendar permissions. Treat create and delete commands as real account changes, and confirm details before allowing the agent to modify your calendar.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with create or delete commands, the skill can add meetings or remove existing events from the user's Feishu calendar.
The skill can mutate Feishu calendar data by creating events, adding attendees, and deleting events. This is clearly part of the stated purpose and scoped to explicit commands, but it is still a meaningful account action.
`create --summary "Meeting" ...` | Create a new event ... `delete --event-id <event_id>` | Delete an event by ID
Review event titles, times, attendees, and event IDs before allowing create or delete operations; ask the agent to confirm before making changes.
The configured Feishu agent may be able to read calendar information and create or delete events within the granted calendar scopes.
The setup requires Feishu app credentials, OAuth authorization, and calendar permissions. These are expected for calendar management, but they grant access to the user's Feishu account data.
bunx @teamclaw/feishu-agent config set appSecret <your_app_secret> ... bunx @teamclaw/feishu-agent auth ... Required: `calendar:calendar`, `calendar:event`
Use the least-privileged Feishu app/scopes that support the needed calendar actions and avoid sharing app secrets outside the intended setup process.
The actual calendar operations and credential handling are performed by an external CLI package that was not reviewed in these artifacts.
The skill depends on an external package run through bunx, and that package's implementation is not included in the supplied artifacts. This is purpose-aligned but leaves behavior dependent on the external package supply chain.
`@teamclaw/feishu-agent` | Yes | Installed automatically via bunx
Verify the @teamclaw/feishu-agent package source and version before use, and prefer a pinned or trusted version if available.