Back to skill
Skillv1.0.2
VirusTotal security
Feishu Docx · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:02 AM
- Hash
- 331f753a420c426136e8762d662be45a07efad6fa9cd1192e36226ef30751bc8
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: feishu-docx Version: 1.0.2 The OpenClaw AgentSkills bundle for Feishu Docx is classified as benign. The skill's primary function is to interact with the Feishu API for document creation and management, which involves making network requests to `https://open.feishu.cn`. While the example scripts (`scripts/import_egg_cake_report.py`, `scripts/perfect_import_egg_cake.py`, `scripts/write_tangyuan.py`) hardcode `app_id` and `app_secret`, this is a vulnerability related to secret management in example code rather than evidence of malicious intent to exfiltrate unauthorized credentials. The scripts also read specific markdown files from a hardcoded path within the OpenClaw workspace, which is consistent with the skill's stated purpose of processing local documents for upload. There is no evidence of prompt injection in `SKILL.md`, unauthorized data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
- External report
- View on VirusTotal