Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feishu Voice (ElevenLabs)
v1.1.0Send and receive voice messages on Feishu (Lark) using ElevenLabs TTS and STT. Activate when user asks to send a voice message on Feishu, or when receiving a...
⭐ 0· 430·0 current·0 all-time
byDongDong@dongdongbear
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md and included scripts clearly require ElevenLabs and Feishu credentials (ELEVENLABS_API_KEY, FEISHU_APP_ID, FEISHU_APP_SECRET, ELEVENLABS_VOICE_ID, ELEVENLABS_MODEL_ID). However registry metadata reported "Required env vars: none" and "Primary credential: none", which is inconsistent with the files. The requested env vars are appropriate for the declared purpose, but the metadata mismatch is misleading and should be corrected.
Instruction Scope
Runtime instructions and scripts perform exactly the expected actions: call ElevenLabs TTS/STT, convert audio with ffmpeg, obtain tenant_access_token from Feishu API, upload and send audio. SKILL.md also recommends installing 'sag' and ffmpeg. One instruction suggests extracting FEISHU_APP_ID / FEISHU_APP_SECRET from $HOME/.openclaw/openclaw.json; the scripts themselves do not automatically read that file but the doc gives a snippet to export these values — this reads local OpenClaw config and is functionally relevant but worth flagging because it touches a local config file that may contain other secrets if misused.
Install Mechanism
The skill is instruction-only with small helper scripts; there is no install spec. It depends on external CLI binaries (sag, ffmpeg/ffprobe). That is reasonable for a script-based integration, but users should confirm the provenance of 'sag' (npm or go install) before installing from package registries.
Credentials
The required environment variables (ElevenLabs API key, ElevenLabs voice/model IDs, Feishu app ID/secret) are proportionate to the feature. Concern arises because the public metadata did not declare these required secrets, and because the README suggests extracting FEISHU_APP_ID/FEISHU_APP_SECRET from ~/.openclaw/openclaw.json — accessing a local agent config can expose credentials if the file contains other tokens or if the extraction is run blindly. The scripts themselves only use the specific Feishu fields, but the guidance to programmatically read local config increases risk if run without inspection.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills or system-wide settings, and contains only runtime scripts. Autonomous invocation remains enabled by default (platform standard) but does not combine with other high privileges here.
What to consider before installing
This skill appears to implement the claimed Feishu TTS/STT functionality, but note two issues before installing: (1) The registry metadata claims no required env vars while SKILL.md and the scripts require multiple secrets (ElevenLabs API key and Feishu app credentials). Don't trust the metadata alone — verify and supply only the minimum credentials. (2) SKILL.md suggests extracting FEISHU_APP_ID/FEISHU_APP_SECRET from $HOME/.openclaw/openclaw.json; inspect that file manually to ensure it contains only the expected Feishu fields and no other sensitive tokens before running the provided extraction snippet. Additional precautions: verify the origin of the 'sag' CLI before installing (npm/go), run the scripts in a restricted environment or container if possible, and consider creating Feishu credentials with limited scope/permissions for this integration.Like a lobster shell, security has layers — review code before you run it.
latestvk973jza2k0ygg4xezvd5jdxs0h82458a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.