Feishu Media Sending

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: feishu-media
Version: 1.1.0

The skill is suspicious due to multiple potential vulnerabilities arising from its instructions to the AI agent. The `SKILL.md` explicitly instructs the agent to execute shell commands (`ffmpeg`, `zip`, `tar`) without specifying input sanitization, creating a high risk of shell injection if user-provided input is used in command arguments. Furthermore, the `filePath` parameter for sending messages allows specifying arbitrary local file paths, which could be abused for local file disclosure or exfiltration (e.g., sending sensitive system files). The `media` parameter also allows fetching content from arbitrary URLs, posing a potential SSRF risk. These are critical vulnerabilities, but there is no clear evidence of intentional malicious behavior by the skill developer.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken file path or Feishu recipient could send private media or documents to the wrong chat or user.

Why it was flagged

The skill instructs the agent to use a messaging tool to upload local files to Feishu. This is central to the stated purpose, but sharing the wrong file or target could expose private content.

Skill content
`message action=send channel=feishu filePath=/path/to/file.pdf message="文件说明"`
Recommendation

Before sending, verify the exact file path, remote URL, and Feishu target; prefer explicit user confirmation for sensitive or external recipients.

What this means

The authorized Feishu app or account can post messages and upload files according to those permissions.

Why it was flagged

The skill needs Feishu permissions to send messages and upload resources. These permissions are expected for this integration, but they grant delegated authority in the user's Feishu workspace.

Skill content
The Feishu app requires the `im:message` and `im:resource` permissions
Recommendation

Use the least-privileged Feishu app configuration available and revoke access if the skill is no longer needed.

What this means

Voice conversion or duration detection may fail unless the user has the expected local tools installed.

Why it was flagged

The registry lists no required binaries, while the skill documentation says ffmpeg/ffprobe may be needed. This is a metadata completeness issue, not evidence of hidden behavior.

Skill content
ffmpeg/ffprobe are required for voice format conversion and duration detection
Recommendation

Install media tools only from trusted sources and check generated files before sending them.

What this means

Running the examples on the wrong inputs could overwrite an output file or package unintended content.

Why it was flagged

The skill includes local command examples for converting and packaging media. They are user-directed and aligned with the media-sending purpose, but they write local output files.

Skill content
`ffmpeg -i input.mp3 -ar 16000 -ac 1 -acodec libopus output.ogg -y`
Recommendation

Run conversion and archive commands only on intended files, use safe output paths, and inspect archives before sending.