Skill v1.0.0
ClawScan security
飞书周报合并一体化流程 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 17, 2026, 8:48 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and required actions align with its stated purpose (checking Feishu/Bitable links and merging accessible documents), but there is a gap in how Feishu credentials/connector access is described — verify platform-provided auth before installing.
- Guidance: This skill appears to do what it says (batch-check Feishu/Bitable links and merge accessible docs). Before installing: 1) Confirm how Feishu authentication is provided — the skill doesn't list required credentials, so verify whether the agent platform supplies a Feishu connector/token or you'll need to provide one. 2) Review and limit the Feishu scopes granted (read many docs vs read-only specific tables, plus permission to create docs). 3) Test on a small sample to confirm the 'confirm before merge' step is enforced and merged documents appear where you expect. 4) Ask the platform vendor how owner-reporting is enforced (the SKILL.md promises results are only reported to the owner). If you cannot verify the auth/connector behavior, treat the skill cautiously.
Review Dimensions
- Purpose & Capability: ok. Name/description match the instructions: the SKILL.md only calls Feishu/Bitable-related operations (table field/record reads, document fetch, and create). The tools referenced (feishu_bitable_app_table_field, feishu_bitable_app_table_record, feishu_fetch_doc, feishu_create_doc) are exactly what a Feishu document-merge workflow would need.
- Instruction Scope: ok. Runtime instructions are narrowly scoped to: parse a Bitable URL, extract the link column, check read permissions for each linked doc, present accessible/forbidden lists, ask user confirmation, then create a merged document. The doc explicitly requires user confirmation before merge and does not instruct the agent to read arbitrary files, system paths, or send data to external endpoints other than Feishu APIs (implied by the tool names).
- Install Mechanism: ok. This is an instruction-only skill with no install spec or code files to write to disk — minimal install risk.
- Credentials: note. The SKILL.md references Feishu API/tool calls but the skill declares no required environment variables or credentials. This can be benign if the platform supplies a Feishu connector/token, but you should confirm where the Feishu auth comes from (agent platform-level connector vs. user-provided credentials). Also note the skill will read many documents (potentially sensitive) when checking permissions — ensure the agent has only the minimum necessary read/create scopes and that results are only reported to the intended owner as promised.
- Persistence & Privilege: ok. `always` is false and there is no indication the skill modifies other skills or system-wide settings. It does not request persistent presence or elevated privileges beyond standard API calls.
