Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

feishu-multi-agent

v1.0.0

Production blueprint for orchestrating multiple OpenClaw agents via Feishu with file-driven task queues, cron scheduling, and workspace sandbox workarounds.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes exactly what the name/description promise (Feishu-based multi-agent orchestration, file-driven task queues, cron jobs). However the manifest declares no required credentials or config, while the guide shows explicit Feishu appId/appSecret values being placed into OpenClaw config — an omission in the metadata. The guide also presumes tools like `agent-browser --cdp-endpoint` and uses macOS-specific `launchctl` commands, which are not reflected in the skill's OS/binaries metadata.
Instruction Scope
The runtime instructions stay within the stated purpose: creating Feishu bots, configuring OpenClaw channel/accounts, creating per-agent workspaces and task files, and scheduling cron jobs. The guide directs the user to read/write files under ~/.openclaw workspaces, use bash to cross workspace boundaries, and use the openclaw CLI. These actions are consistent with orchestrating agents and are explicit rather than vague.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself. That minimizes install-time risk.
Credentials
The manifest declares no required environment variables or primary credential, but the instructions clearly require creating multiple Feishu apps and adding their appId/appSecret into OpenClaw configuration. This is an inconsistency: the skill implicitly requires storing sensitive service credentials in your OpenClaw config (expected for this functionality) but the registry metadata does not declare or call attention to that need. The guide also suggests using browser automation that expects an authenticated browser session (not declared).
Persistence & Privilege
always:false and default autonomous invocation are normal. The skill does not request permanent presence or modify other skills' configs. It instructs the user to restart a system gateway (launchctl) and add cron jobs via the OpenClaw CLI — actions that require user privileges but are within the described orchestration scope.
What to consider before installing
This is a practical blueprint for running multiple Feishu-backed agents and appears to be what it says, but pay attention to a few things before following it in production:
- Metadata mismatch: the registry lists no required credentials, but the guide requires creating multiple Feishu apps and storing appId/appSecret values in your OpenClaw config. Treat those as sensitive secrets and do not commit them to source control.
- Platform/tools assumptions: the guide uses macOS launchctl and references an `agent-browser --cdp-endpoint` automation technique. Verify those commands/tools apply to your environment or adapt them safely.
- Principle of least privilege: when creating Feishu apps, grant only the permissions each bot needs. Avoid giving broad admin rights to bots that will be scheduled autonomously.
- Workspace file access: the approach relies on using bash to read/write across agent workspaces. That requires filesystem access and can be powerful — test in an isolated environment first and confirm access boundaries are intentional.
- Cron/autonomy risk: the recipe creates recurring autonomous jobs for agents (cron jobs + system-events). Audit jobs and sessions after creation to avoid runaway or misbehaving agents.
If you plan to install/use this blueprint, ask the author to clarify the exact credentials/files you must provide, list platform/tool dependencies explicitly, and document secure handling of app secrets. Running a staged test on an isolated machine is recommended.

Like a lobster shell, security has layers — review code before you run it.

latestvk977gse3as5pd1hk736skyn8nh8239ct
