Feishu Card Messages (飞书卡片消息)

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill appears to send Feishu card messages as advertised, but it directly uses bot credentials to post to private or group chats while bypassing OpenClaw limits and under-declaring its credential/install needs.

Install only if you are comfortable giving this skill Feishu bot credentials that can send messages. Use a dedicated low-privilege Feishu app, restrict where the bot can post, inspect the install script before running it, and require confirmation before any message or batch send.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked with real Feishu bot credentials, the agent could post messages into Feishu chats on the user's behalf, including mistakes or unintended bulk notifications.

Why it was flagged

The skill advertises a raw provider-API path that bypasses OpenClaw built-in limits and can post to both group and private chats. The provided artifacts do not define approval, allowlist, or recipient-scope controls around that messaging authority.

Skill content

Bypasses OpenClaw's built-in limits and calls the Feishu OpenAPI directly to send professional-grade card messages. ... Group chat / one-on-one chat support

Recommendation

Require explicit user confirmation of recipient, content, and batch size before sending; restrict allowed receive_id/chat_id values; and document the exact safety controls that replace the bypassed built-in limits.

What this means

Users must trust the skill with Feishu bot app credentials that can send messages within the app's permitted scope.

Why it was flagged

The code uses Feishu app credentials to obtain a tenant access token, while the registry metadata declares no required environment variables or primary credential. This is purpose-aligned but under-declared.

Skill content

self.app_id = app_id or os.getenv("FEISHU_APP_ID")
self.app_secret = app_secret or os.getenv("FEISHU_APP_SECRET")

Recommendation

Declare FEISHU_APP_ID and FEISHU_APP_SECRET in metadata, use a least-privilege Feishu app limited to intended recipients, and rotate the secret if it is ever exposed.

What this means

A user may run local setup steps that were not visible from the registry's install contract.

Why it was flagged

The README instructs users to run an install script even though the registry says there is no install spec. This may be benign setup, but users should inspect install-time actions because they are not represented in the install metadata.

Skill content

# Run the install script
./scripts/install.sh

Recommendation

Publish an explicit install spec or document exactly what scripts/install.sh does, including dependencies and file changes.

What this means

Accidentally running example or test code could send a test card to an unintended Feishu recipient.

Why it was flagged

The test function includes a hardcoded Feishu open_id as a message recipient. The provided snippet does not prove automatic execution, but running tests with real credentials could send messages to a fixed account instead of a user-chosen target.

Skill content

receive_id="ou_7a6d94f4f20cf166aa429d75fe09cc95"

Recommendation

Replace hardcoded recipient IDs with placeholders or require the recipient to be supplied explicitly at runtime.