Skill v1.0.1
ClawScan security
feishu-create-openclaw-app · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 2:02 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions (browser automation to create a Feishu enterprise app and reveal its App Secret) match its stated purpose and it does not request unrelated credentials or install code.
- Guidance
- This skill appears to do exactly what it claims: automate browser-based creation and configuration of a Feishu enterprise app. Before installing or running it: (1) Review the permission list carefully — it requests many tenant-level scopes and you should only grant what you need. (2) Be aware the instructions explicitly reveal the App Secret in the UI; treat that secret as sensitive (copy it to a secure vault and do not paste it in chat or store it in plain text). (3) Prefer running this interactively rather than granting broad autonomous invocation if you want manual approval of each run. (4) If you have doubts, perform the same steps manually in the Feishu console or use official APIs so you can control each permission and credential disclosure.
Review Dimensions
- Purpose & Capability
- ok: Name/description describe automating Feishu app creation via browser automation; the SKILL.md contains step-by-step browser actions to open the Feishu developer console, create an app, import permission JSON, and reveal credentials — all directly relevant to that purpose.
- Instruction Scope
- note: Instructions are limited to browser interactions and DOM manipulation (clicks, typing, assigning textarea.value, dispatching input/change events) for configuring the Feishu console. This stays within the declared scope, but it explicitly instructs the agent to reveal and display the App Secret to the user — an action that is legitimately needed here but is sensitive and should be handled carefully.
- Install Mechanism
- ok: No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by the skill itself, which minimizes supply-chain risk.
- Credentials
- note: The skill requests no environment variables or external credentials, which is proportional. The included permission JSON is broad (many tenant-level scopes); this is plausible for an integration but the user should review and approve the requested scopes before enabling them.
- Persistence & Privilege
- ok: `always` is false and there are no installation steps that modify other skills or system-wide settings. The skill can be invoked autonomously per platform defaults, but there are no additional privileged persistence claims.
