Feishu Group Learning Analysis
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill may access Feishu data using someone else’s embedded app credentials, and the exposed secret itself is a credential leak.
The skill embeds a Feishu app ID and app secret directly in source code, while metadata declares no primary credential or required environment variables. This gives the skill delegated Feishu tenant access that is not clearly user-provided or scoped.
APP_ID = "cli_a92b19fbc278dbd6"
APP_SECRET = "WFsYhmcEZnRjL4c1ClotIeHhoq5568Sp"
Remove the hardcoded secret, rotate it, and require users to provide their own clearly declared, minimally scoped Feishu credentials through a secure config or environment variable.
A user may think they control the monitored groups through configuration, but the skill’s actual code targets the embedded chat IDs.
The code hardcodes two Feishu chat IDs, while SKILL.md and README describe editing config.json to choose chats. That mismatch can mislead users about which groups will actually be monitored.
CHATS = [
("oc_60c795e2e04eefc3d09eb49da4df15a5", "养虾乐园🦞"),
("oc_3cc1c4abbc093b180cb0b75e40bb6e1b", "🦞龙虾聚会")
]
Make the code read the documented config.json, remove hardcoded chat IDs, and require explicit user confirmation of every monitored group.
Private group messages could remain on local disk in a temporary location after analysis finishes.
The script writes raw Feishu message API responses to /tmp and does not delete them. These responses may contain private chat content and metadata.
curl -s "https://open.feishu.cn/open-apis/im/v1/messages?container_id=$ID&container_id_type=chat&page_size=50" \
-H "Authorization: Bearer $TOKEN" > /tmp/chat_${ID##*_}.json
Avoid writing raw chat messages to shared temporary paths, use a private restricted temp directory if storage is necessary, and delete raw message files immediately after processing.
If enabled, the skill may continue reading Feishu group messages every 6 hours until the scheduled task is removed.
The README documents a recurring cron task. This is aligned with the stated automatic-analysis purpose, but it means the skill can keep accessing Feishu messages on a schedule once the user enables it.
openclaw cron add --name "group-learning" --schedule "0 */6 * * *" --command "bash analyze.sh"
Only enable the cron job after fixing credential and chat-scope issues, and document how users can pause or remove the scheduled task.
