feishu-send-file
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: feishu-send-file
Version: 1.2.1
The skill provides utility scripts (`send_file.py` and `send_image.py`) to upload and send files or images via the official Feishu/Lark APIs. The instructions in `SKILL.md` guide the AI agent to retrieve necessary API credentials from the local environment (`/root/.openclaw/openclaw.json`) and execute the scripts. While passing secrets via command-line arguments is a suboptimal security practice, the code logic is transparent, lacks obfuscation, and strictly interacts with legitimate endpoints (open.feishu.cn and open.larksuite.com) to perform its stated functions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can invoke the script with these credentials can use the Feishu app's authority to upload and send files/messages.
The skill instructs use of a Feishu app secret from local OpenClaw configuration to obtain a tenant token. This is expected for Feishu sending, but it is sensitive credential use and is not reflected in the registry credential fields.
`app_secret`: Feishu app secret (read from `channels.feishu.appSecret` in `openclaw.json`)
Use least-privilege Feishu app credentials, avoid exposing app_secret in chat or logs, and consider declaring the credential requirement in metadata.
Files or images sent with this skill may be stored or processed by Feishu/Lark and become visible to the specified recipient.
The script uploads the selected local file to Feishu before sending a message. This is the intended data flow, but it means file contents are transferred to an external provider.
`"https://open.feishu.cn/open-apis/im/v1/files", ... "-F", f"file=@{file_path}"`
Verify the file path and recipient before use, and do not send secrets or private files unless that is intended.
If untrusted or malformed values are used, the agent could send the wrong file, target the wrong recipient, or expose sensitive command arguments locally.
The AI usage example constructs a command from dynamic values and includes the app secret as a command-line argument. Local command execution is central to this skill, but arguments should be handled carefully.
`exec(f"""\npython3 /root/.openclaw/workspace/skills/feishu-send-file/scripts/send_file.py \\\n {file_path} \\\n {user_open_id} \\\n {app_id} \\\n {app_secret} \\\n {custom_filename}\n""")`
Prefer safe argument-array execution, validate file paths and recipients, quote arguments properly, and ask for confirmation before sending sensitive files.
The skill may fail on systems without curl, or an agent/user may need to install it separately.
The included scripts depend on curl, while the registry requirements say no required binaries. This is an under-declared runtime dependency rather than evidence of malicious behavior.
`result = subprocess.run([\n "curl", "-s", "-X", "POST",`
Declare curl as a required binary or replace the curl upload step with standard-library Python code.
