OpenClaw Feishu Bot Manager
Security checks across malware telemetry and agentic risk
Overview
The skill mostly matches its Feishu bot configuration purpose, but needs review because dry-run still writes a backup copy and the tool can change or restart OpenClaw automatically.
Install only if you are comfortable letting this skill edit ~/.openclaw/openclaw.json, store Feishu App Secrets there, create local backups, and restart the OpenClaw Gateway. Be aware that --dry-run still creates a backup in the current code; check backup permissions, consider --no-restart, and inspect the generated routing bindings before using it on a production setup.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user expecting a no-write preview may still get a persistent local copy of their OpenClaw config, which may contain existing secrets.
The backup is created before the dry-run check, so a dry-run still writes a backup file even though the user-facing message says the dry-run did not write configuration.
const backupPath = createBackup(); ... if (dryrun === 'true') { log.success('dry-run 完成,未写入配置,未重启 Gateway'); ... }
Move backup creation after the dry-run exit path, or clearly state that dry-run creates a backup; protect or redact secrets in backup files.
If saving the config fails, the skill may still proceed with other OpenClaw changes or a Gateway restart, causing confusing or disruptive runtime state.
saveConfig returns false on failure, but quickMode does not check that result before reporting success, setting dmScope, and potentially restarting the Gateway.
saveConfig(config); log.success('配置已更新'); ... execSync('openclaw gateway restart', { stdio: 'inherit' });
Abort immediately if saveConfig returns false, and only restart the Gateway after confirming the config was written and validated.
Anyone who can read the OpenClaw config or its backups may be able to access Feishu bot credentials; the default bot policy may also be broader than some users expect.
The skill stores the user-provided Feishu App Secret in OpenClaw configuration and defaults the bot access policy to open with allowFrom '*'. This is aligned with the stated integration but is sensitive account authority.
config.channels.feishu.accounts[accountId] = { appId: appid, appSecret: appsecret, botName: botname || 'Feishu Bot', dmPolicy: options.dmpolicy || 'open', allowFrom: ['*'], enabled: true };
Use least-privileged Feishu credentials, restrict config and backup file permissions, choose a narrower dmPolicy/allowFrom where possible, and rotate secrets if exposed.
Running the skill can change message-session behavior and temporarily interrupt the Gateway.
The skill runs local OpenClaw CLI commands. They are fixed commands and purpose-aligned, but they still mutate OpenClaw runtime configuration and can restart the Gateway.
execSync('openclaw config set session.dmScope ...', { stdio: 'pipe' }); ... execSync('openclaw gateway restart', { stdio: 'inherit' });
Run with --dry-run first, use --no-restart when you want to restart manually, and verify the generated bindings before applying them.
