Lead Processor

Verdict: Warn

Audited by ClawScan on May 10, 2026.

Overview

The lead-processing workflow is coherent, but the skill embeds Feishu credentials and can read/update Feishu tables and post to a fixed group with limited user confirmation.

Install only if you trust the publisher and the configured Feishu workspace. Treat the included Feishu secret as exposed: rotate it, replace hardcoded credentials with your own declared environment variables, confirm the target table and chat, and require review before the agent updates records or sends reports.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using or inspecting the skill may gain or exercise access to the configured Feishu tenant/table/chat if the credentials remain valid, and the agent may operate under the publisher’s Feishu identity rather than the user’s intended account.

Why it was flagged

The code embeds a Feishu app ID and app secret as defaults, then uses them to obtain a tenant access token. The registry metadata declares no primary credential or required environment variables, so this high-impact account authority is under-disclosed and potentially exposed.

Skill content

const FEISHU_APP_ID = process.env.FEISHU_APP_ID || 'cli_a9140ac9cab85bd3';
const FEISHU_APP_SECRET = process.env.FEISHU_APP_SECRET || 'qlySTZmzM567o4TnZDrvOdVNXMqIwaD0';

Recommendation

Remove hardcoded secrets, rotate the exposed Feishu app secret, require user-provided credentials through declared environment variables, and document the exact Feishu scopes and resources the skill will access.

What this means

Incorrect website analysis or prompt-influenced content could be written back into business records or sent to a Feishu group before the user has a chance to review it.

Why it was flagged

The skill instructs the agent to automatically read lead records, browse websites, update Feishu table fields, and send a group message, while forbidding mid-process questions. These are purpose-aligned actions, but they can mutate business data and post to a group without clearly requiring user review or approval.

Skill content

2. Read the unprocessed records from the Feishu table
3. Visit each company's official website with the browser
4. Analyze it and fill in the detail fields
5. After writing to the table, send a message to the Feishu group
...
- Asking questions mid-process is forbidden

Recommendation

Require explicit user confirmation before updating Feishu records or sending group reports, especially for bulk processing, and document limits such as which records are processed and how changes can be reviewed or reverted.

What this means

Lead analysis details may be visible to everyone in the configured Feishu group.

Why it was flagged

The skill is configured to send analysis reports to a fixed Feishu chat. This is disclosed and aligned with the purpose, but users should ensure the group membership and destination are appropriate for lead data.

Skill content

"chat": {
  "chat_id": "oc_2c705fa31fb8c9a66dd3e22ab8a2243c"
}

Recommendation

Verify the chat ID, group membership, and data-sharing expectations before running the skill; allow users to configure the destination chat.

What this means

Users may have difficulty knowing which copy/version is authoritative and whether the packaged files match the published registry entry.

Why it was flagged

The top-level metadata does not match the registry owner/version shown for the evaluated skill, and there is also a nested copy with different metadata. This does not prove malicious behavior, but it creates provenance ambiguity.

Skill content

"ownerId": "user-local",
"slug": "lead-processor",
"version": "1.0.0"

Recommendation

Publish a single canonical package layout with consistent owner and version metadata, and provide a trustworthy source or homepage.