Skill v1.0.0
ClawScan security
飞书多维表格权限检查 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 17, 2026, 8:48 AM)
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions are consistent with its stated purpose (batch-checking Feishu/bitable document read permissions); it is instruction-only and does not ask for unrelated credentials or install code, but it implicitly depends on Feishu API connectors and will fetch documents to test access, so users should verify connector scope and be cautious about content exposure.
- Guidance: This skill appears internally consistent for batch-checking Feishu/bitable document read permissions. Before installing or using it: (1) confirm how your agent/platform provides Feishu access (the skill will call feishu_* APIs using whatever connector credentials are available); ensure those credentials have only the needed scope and are from an account you expect to use for these checks; (2) be aware the skill may fetch document content to determine access—verify the implementation will not leak document contents to unintended recipients; (3) test on a small set of URLs to validate rate-limit handling and output formatting; (4) if you prefer not to expose document contents at all, ensure the platform's Feishu connector can do a lightweight permission check rather than full content fetch, or modify the workflow to avoid retrieving markdown/title.
Review Dimensions
- Purpose & Capability (ok): The name/description match the runtime instructions: the skill extracts an app_token/table_id or URL, finds the '链接地址' field, and uses Feishu-specific APIs to test read permission. There are no unrelated required binaries or environment variables. The declared tool calls (feishu_bitable_app_table_field, feishu_bitable_app_table_record, feishu_fetch_doc) are appropriate for the described task.
- Instruction Scope (note): Instructions stay within the permission-checking use case and do not request local files or unrelated env vars. However, the chosen method for permission testing uses feishu_fetch_doc which returns document content (markdown/title); the SKILL.md states it will not expose document contents and only report permission status, but the skill will still fetch documents under whatever Feishu credentials the agent has. That behavior is coherent with the purpose but worth noting as it could expose content if implemented or used differently.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is written to disk and no external packages are pulled during install.
- Credentials (note): The skill declares no required env vars or primary credential, which is consistent with expecting a user-supplied app_token (from URL or input). One implicit dependency is access to a Feishu connector / agent-level credentials to execute the feishu_* calls; those credentials and scopes are not declared here. This is proportionate to the task but users should verify the connector's scope (it will be used to perform many API calls and may return document content).
- Persistence & Privilege (ok): always is false and the skill does not request persistent/enforced presence or any system-wide config changes. It does not claim to modify other skills or system settings.
