Skill v1.0.0

ClawScan security

Feishu Doc Workflow · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Mar 14, 2026, 7:58 AM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions match a Feishu doc workflow, but the package metadata omits required dependencies and environment variables (feishu_doc, channels.feishu.appId/Secret and the need to call Feishu Drive public-permission APIs), so the manifest and runtime instructions are not fully consistent.
Guidance
This is an instruction-only Feishu document workflow that appears to do what it says, but the package metadata is incomplete. Before installing or publishing: (1) confirm your OpenClaw environment actually provides the feishu_doc tool; (2) ensure you understand and are willing to supply Feishu app credentials (channels.feishu.appId and channels.feishu.appSecret) and the documented Feishu scopes (docx:*, drive:drive); (3) verify whether your environment permits making exec calls or direct HTTP PATCH/GET to Feishu Drive APIs (the skill says this may be required to set public permissions); and (4) ask the publisher to update the manifest to declare these required binaries/env vars so the permission and dependency surface is explicit. If you cannot confirm those, treat the skill as untrusted until the manifest is corrected.

Review Dimensions

Purpose & Capability
note: The SKILL.md clearly describes a Feishu document read/write/insert/image/permission workflow and correctly requires Feishu app credentials and a feishu_doc capability. However, the registry metadata declares no required binaries or env vars, which is inconsistent: a legitimate user would need a feishu_doc tool and Feishu app credentials.
Instruction Scope
concern: Runtime instructions tell the agent to call feishu_doc actions (read, list_blocks, update_block, insert, append, upload_image, delete_block) and to GET/PATCH Feishu Drive public-permission endpoints. SKILL.md also says environments must allow invoking Feishu OpenAPI via exec. The skill references environment keys (channels.feishu.appId, channels.feishu.appSecret) and requires API calls, but these env vars are not declared in the manifest. This mismatch and the reliance on exec/API calls are scope concerns to confirm before installing.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files, which is the lowest install risk. Nothing is downloaded or written by the skill itself.
Credentials
note: The documented permissions (docx:*, drive:drive) and app credentials it asks for are proportional to the stated purpose. However, the manifest does not declare any required environment variables or a primary credential while the SKILL.md expects channels.feishu.appId and channels.feishu.appSecret to be present, an omission that should be corrected so users know what secrets will be needed.
Persistence & Privilege
ok: Skill is not always-on and does not request persistent privileges. It does not attempt to modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not by itself a red flag.