Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Feishu Bot Manager
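v1.0.3
Feishu multi-account bot configuration management skill. Used to add Feishu bot accounts, bind a bot or a specific group chat to a designated Agent, and safely update OpenClaw's Feishu routing configuration. Applies when the user mentions "add a Feishu bot", "configure a Feishu bot", "add a Feishu account", or "Feishu multi-account".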
by @caoychn
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the CLI asks for Feishu App ID/App Secret and account/chat/agent info, reads and updates ~/.openclaw/openclaw.json, performs backup, validation, and can restart the OpenClaw gateway. All requested actions are proportionate to managing Feishu bot routing.
Instruction Scope
SKILL.md and index.js explicitly read/write the OpenClaw config, back it up, validate changes, set session.dmScope, and optionally restart the gateway — all within the declared purpose. There are no instructions to read unrelated system files, call external endpoints, or exfiltrate data.
Install Mechanism
No install spec (instruction-only) and bundled code runs locally. Nothing is downloaded from external URLs or extracted; the included files are self-contained. This is the lower-risk pattern for a config-management skill.
Credentials
The skill does not request unrelated env vars or credentials. It accepts the Feishu App Secret as a CLI argument (not an env var) — this is functionally appropriate but has privacy risks (CLI args can be visible in process lists or shell history). The code uses HOME to find ~/.openclaw which is expected.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or global agent settings beyond writing to OpenClaw's own config and invoking the OpenClaw CLI to set dmScope and restart the gateway — behavior that matches its purpose.
Assessment
This skill appears to do exactly what it says: it edits your local OpenClaw config (~/.openclaw/openclaw.json), creates backups, validates the result, and can restart the OpenClaw gateway. Before installing/running it:
1) Prefer --dry-run first to preview changes;
2) Keep or copy the automatically created backup file so you can restore if needed;
3) Be aware that passing App Secret on the command line can expose it to process listings or shell history — consider entering secrets via a safer mechanism or running on a secure host;
4) Because the source/publisher is unknown and there's no homepage, inspect the bundled code yourself (or run in a sandbox) before giving it access to your OpenClaw installation;
5) If you rely on high-availability routing, schedule a maintenance window for the Gateway restart or use --no-restart and restart manually when ready.
index.js:275
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latest vk979fq0z6znke2yhyzf47pkesd84pxcx
