feishu paper manager

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only Feishu paper workflow, but users should scope Feishu permissions and review persistent metadata and bulk taxonomy updates.

This skill appears to be a benign design/reference skill rather than runnable code. Before using it to implement a real Feishu bot, confirm the bot only has access to the intended chat, folder, and table; protect the Feishu-to-OpenClaw handoff; avoid logging message or attachment URLs; and require review before bulk taxonomy backfills.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If implemented with broad Feishu permissions, the bot could access more workspace content or mutate more records than intended.

Why it was flagged

This shows the intended workflow depends on Feishu workspace authority to read messages/attachments and write documents, table rows, and bot replies.

Skill content

Feishu bot owns webhook verification, message parsing, attachment download, and chat replies. - OpenClaw owns ... doc/table writes, and taxonomy review.

Recommendation

Use a dedicated Feishu app or bot with least-privilege scopes, restrict it to the intended chats, paper folder, and table, and avoid broad admin credentials.

What this means

Internal Feishu metadata or paper attachment links could be exposed if the handoff endpoint, logs, or storage are not protected.

Why it was flagged

The Feishu-to-OpenClaw payload can contain internal user identifiers, message excerpts, tenant/channel metadata, and attachment download URLs.

Skill content

"sender": { "user_id": "ou_xxx", "name": "Alice" }, ... "pdf_download_url": "https://...", ... "text_excerpt": "please save this paper", "channel_name": "paper-share", "tenant_id": "cli_xxx"

Recommendation

Authenticate the boundary between the Feishu bot and OpenClaw, use TLS, minimize payload fields, redact logs, and define retention rules for message metadata and download URLs.

What this means

Bulk tag changes could reduce search/filter quality or unexpectedly alter many Feishu table rows.

Why it was flagged

The taxonomy review can trigger a batch update across historical table rows, so a poor taxonomy decision could affect many records.

Skill content

if count % 50 != 0, stop -> if review checkpoint already equals count, stop -> launch taxonomy review -> analyze current tag frequencies and collisions -> produce new taxonomy version -> backfill historical rows -> persist checkpoint and new version

Recommendation

Before backfilling, generate a preview/change log, keep backups or export snapshots, and require human approval for large taxonomy migrations.