LarkSync Feishu Local Cache

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could change LarkSync settings or create a sync task even when the service or Feishu authorization is not ready, potentially causing unexpected sync behavior.

Why it was flagged

The bootstrap routine performs a check but then immediately updates configuration and creates a task without verifying that the check passed or that auth is connected. This conflicts with the documented boundary that task creation or policy changes should not occur before a successful check.

Skill content
check_result = do_check(base_url)
config_result = do_configure_download(
...
task_result = do_create_task(

Recommendation

Require bootstrap to stop unless health and auth are confirmed ready, and ask for user confirmation before changing config, creating tasks, or running a task immediately.

What this means

In WSL setups, a service that is not the intended LarkSync backend could receive folder tokens, local paths, or sync task details if it answers on the probed address and port.

Why it was flagged

The WSL wrapper selects the first endpoint with a successful health check, injects it as the base URL, and then automatically applies the remote-base-url allow flag. The skill's create/bootstrap commands include a Feishu cloud folder token and local path, so a wrong service on that address could receive sensitive sync parameters.

Skill content
if item.health_ok:
    return item.base_url
...
final_args = _inject_base_url(final_args, selected)
...
final_args = ensure_remote_allow_flag(final_args)

Recommendation

Show the selected endpoint and require explicit user approval before sending create/bootstrap requests to any non-loopback address; verify the service identity and prefer authenticated HTTPS or a trusted localhost bridge.

What this means

Once authorized, LarkSync can keep accessing Feishu content according to the granted permissions and configured folder token.

Why it was flagged

The skill clearly depends on Feishu OAuth delegated access through LarkSync. This is expected for the integration, but it is account-level authority that users should understand.

Skill content
Note: the first Feishu OAuth authorization still has to be completed by the user; once authorization is complete, the skill can enter routine low-frequency sync operation.

Recommendation

Use the least-privileged Feishu authorization available, confirm the folder token is for the intended folder, and be cautious before enabling bidirectional or upload-only modes.

What this means

Sensitive Feishu documents may remain on disk in the chosen cache directory and may be read by OpenClaw in later sessions.

Why it was flagged

The core design stores Feishu documents as a persistent local cache for future OpenClaw reads. This is purpose-aligned, but it means cloud documents may persist locally and be reused across later tasks.

Skill content
An OpenClaw integration that turns Feishu docs into a local knowledge cache.

Recommendation

Choose a dedicated, access-controlled local cache path; avoid syncing folders with secrets unless necessary; define cleanup and retention expectations.

Note (High Confidence)
ASI10: Rogue Agents
What this means

The sync task may continue running after initial setup and keep mirroring Feishu content to the selected local directory.

Why it was flagged

The skill intentionally sets up an ongoing scheduled sync. This is disclosed and aligned with the purpose, but it is persistent behavior users should notice.

Skill content
Default mode: `download_only` with low-frequency schedule (daily by default).

Recommendation

Review created task IDs and schedules, and disable or delete tasks when the local cache is no longer needed.