Feishu Bitable Import

Review

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a Feishu Bitable import tool that does what its description says, but it authenticates with Feishu app credentials and can write, overwrite, or delete table records.

Before installing, review the complete scripts, use a dedicated least-privilege Feishu app, keep APP_SECRET out of chats and logs, back up important Bitables before using full mode, and, if the tool will touch production data, run it in a virtual environment with pinned dependencies.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the wrong app_token/table_id is supplied, or the input file is incomplete, a full sync can remove shared business records.

Why it was flagged

The full-sync path deletes all existing records in the selected Feishu table before importing new data. This matches the advertised full-overwrite mode, but it is high-impact.

Skill content
if mode == "full": ... print(f"Full overwrite: deleting {len(existing_records)} existing records") ... self.delete_record(app_token, table_id, record["record_id"])
Recommendation

Use a test table first, back up important Bitables, verify app_token/table_id carefully, and prefer incremental or append mode unless full replacement is intended.
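The guard below is an added example, not code from the skill: it wraps the delete loop quoted above so that a full sync only runs after the target identifiers match what the operator configured, the input is not empty or drastically smaller than the table, and a JSON backup has been written. The record shape, the `delete_record(app_token, table_id, record_id)` signature, and the app/table identifiers are assumptions modelled on the quoted snippet; the sample records are constructed.

```python
import json
import os
import tempfile
import time

# Constructed sample data shaped like Bitable API records (record_id + fields).
# IDs and field values are hypothetical.
EXISTING_RECORDS = [
    {"record_id": "rec001", "fields": {"name": "alpha", "owner": "ops"}},
    {"record_id": "rec002", "fields": {"name": "beta", "owner": "finance"}},
    {"record_id": "rec003", "fields": {"name": "gamma", "owner": "ops"}},
]
NEW_ROWS = [
    {"name": "alpha", "owner": "ops"},
    {"name": "beta", "owner": "finance"},
    {"name": "delta", "owner": "legal"},
]


class FullSyncAborted(RuntimeError):
    """The guard refused to delete the existing records."""


def backup_records(records, app_token, table_id, backup_dir=None):
    """Write the current records to a timestamped JSON file before any delete."""
    if backup_dir is None:
        backup_dir = tempfile.mkdtemp(prefix="bitable_backup_")
    os.makedirs(backup_dir, exist_ok=True)
    path = os.path.join(backup_dir, f"{app_token}_{table_id}_{int(time.time())}.json")
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(records, fh, ensure_ascii=False, indent=2)
    return path


def load_backup(path):
    """Read a backup written by backup_records (used to verify the snapshot)."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def guarded_full_sync(existing_records, new_rows, app_token, table_id, delete_record,
                      *, expected_app_token, expected_table_id, backup_dir=None,
                      max_shrink=0.5, dry_run=True):
    """Delete all existing records only after three checks pass.

    delete_record(app_token, table_id, record_id) stands in for the skill's own
    delete call (hypothetical signature taken from the quoted snippet).
    """
    # 1. Target check: identifiers must equal the ones pinned in configuration,
    #    so a pasted-in wrong app_token/table_id cannot wipe another table.
    if (app_token, table_id) != (expected_app_token, expected_table_id):
        raise FullSyncAborted(
            f"target {app_token}/{table_id} does not match expected "
            f"{expected_app_token}/{expected_table_id}")
    # 2. Input sanity: an empty or truncated input file would turn "full
    #    overwrite" into a plain delete. Refuse when there is nothing to import
    #    or when the new data is much smaller than the current table.
    if not new_rows:
        raise FullSyncAborted("input file has no rows; refusing to empty the table")
    if existing_records and len(new_rows) < len(existing_records) * (1 - max_shrink):
        raise FullSyncAborted(
            f"input has {len(new_rows)} rows but the table has "
            f"{len(existing_records)}; shrink exceeds {max_shrink:.0%}")
    # 3. Backup: snapshot before the first delete, and default to a dry run.
    backup_path = backup_records(existing_records, app_token, table_id, backup_dir)
    if dry_run:
        return {"deleted": 0, "would_delete": len(existing_records), "backup": backup_path}
    deleted = 0
    for record in existing_records:
        delete_record(app_token, table_id, record["record_id"])
        deleted += 1
    return {"deleted": deleted, "would_delete": 0, "backup": backup_path}


if __name__ == "__main__":
    calls = []  # records a fake delete_record would have removed
    result = guarded_full_sync(
        EXISTING_RECORDS, NEW_ROWS, "appXXXX", "tblXXXX",
        lambda a, t, r: calls.append(r),
        expected_app_token="appXXXX", expected_table_id="tblXXXX")
    print(result, calls)
```

The dry run is the default on purpose: an operator has to pass `dry_run=False` to delete anything, and the returned backup path is what to keep in the run log (never the app secret).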

What this means

A Feishu app with broad permissions could access or change more workspace data than intended if misconfigured or if the secret is exposed.

Why it was flagged

The skill relies on a Feishu self-built app secret and delegated read/write permissions. The extra document-read permission may be broader than the visible Bitable import code requires.

Skill content
App Secret: `xxxxxx` ... Add the following permissions: `docs:bitable:read`, `docs:bitable:write`, `docs:document:read`
Recommendation

Create a dedicated least-privilege Feishu app, grant it only the permissions needed for the target Bitable, add it only as a collaborator to intended tables, and rotate secrets if exposed.
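Three small checks a reviewer can run against this skill, written as an added example rather than code from the skill: a scope diff that reports what the setup text requests beyond what a Bitable import needs, a loader that takes APP_SECRET only from the environment, a scan for secrets hardcoded into scripts or SKILL.md, and a redactor for log lines. The requested scopes come from the quoted setup text; the needed set, the `APP_SECRET` variable name, and the sample lines are assumptions, and `cli_a1b2c3d4e5f6` is a constructed placeholder, not a real credential.

```python
import os
import re

# Scopes the quoted setup text asks for, versus what the visible import code
# appears to need (the needed set is an assumption from the page's description).
REQUESTED_SCOPES = frozenset({"docs:bitable:read", "docs:bitable:write", "docs:document:read"})
NEEDED_SCOPES = frozenset({"docs:bitable:read", "docs:bitable:write"})


def excess_scopes(requested, needed=NEEDED_SCOPES):
    """Scopes requested beyond what the code needs; each one is review material."""
    return sorted(set(requested) - set(needed))


def load_app_secret(env=None):
    """Read the secret from the environment only; never fall back to a literal."""
    env = os.environ if env is None else env
    value = env.get("APP_SECRET", "")
    if not value:
        raise KeyError("APP_SECRET is not set; refusing to use a hardcoded value")
    return value


# Values that are documentation placeholders rather than real secrets.
PLACEHOLDERS = {"xxxxxx", "changeme", "your_app_secret"}
# Matches 'App Secret: value', APP_SECRET=value, app_secret = "value".
# The value must look like a credential token (6+ word characters), which
# keeps os.getenv("APP_SECRET") and ${APP_SECRET} expansions from matching.
SECRET_ASSIGN_RE = re.compile(
    r"""(?i)\bapp[_ ]?secret\b["']?\s*[:=]\s*["'`]?([A-Za-z0-9_\-]{6,})["'`]?""")


def find_hardcoded_secrets(text):
    """Return (line number, value) for lines that assign a concrete app secret."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = SECRET_ASSIGN_RE.search(line)
        if m and m.group(1).lower() not in PLACEHOLDERS:
            hits.append((lineno, m.group(1)))
    return hits


def redact(text, secrets):
    """Blank known secret values and any app_secret JSON field before logging."""
    out = text
    for secret in secrets:
        if secret:
            out = out.replace(secret, "[REDACTED]")
    # The token request body carries the secret in an "app_secret" field; blank
    # it even when the caller forgot to pass the value explicitly.
    out = re.sub(r'("app_secret"\s*:\s*")[^"]*(")', r"\1[REDACTED]\2", out)
    return out


# Constructed sample of lines a reviewer might find in a skill's files.
SAMPLE_TEXT = (
    "App Secret: `xxxxxx`\n"
    "APP_SECRET=cli_a1b2c3d4e5f6\n"
    'app_secret = os.getenv("APP_SECRET")\n'
)

if __name__ == "__main__":
    print("excess scopes:", excess_scopes(REQUESTED_SCOPES))
    print("hardcoded:", find_hardcoded_secrets(SAMPLE_TEXT))
    print(redact('{"app_id": "cli_x", "app_secret": "cli_a1b2c3d4e5f6"}', ["cli_a1b2c3d4e5f6"]))
```

`find_hardcoded_secrets` deliberately ignores placeholder values such as the `xxxxxx` in the quoted setup text, so it reports only lines that would leak a working credential if the file were pasted into a chat.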

What this means

Different or future dependency versions could behave differently, and unpinned installs provide less supply-chain assurance.

Why it was flagged

The documented setup installs dependencies without pinned versions or hashes. This is common for a Python utility, but it leaves the installed versions to whatever is current at install time.

Skill content
pip install pandas openpyxl python-dotenv requests
Recommendation

Install in a virtual environment and pin dependency versions or use a reviewed lockfile for production use.
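The requirements audit below is an added example, not part of the skill: it parses a requirements file the way pip reads it (comments stripped, backslash continuations joined) and reports every package that is not pinned with `==` or has no `--hash=` digest. The unpinned sample uses the four package names from the documented install line; the pinned sample's version and digest are constructed placeholders in the layout `pip-compile --generate-hashes` emits.

```python
import re

# The skill's install line rewritten as requirement lines (constructed sample).
UNPINNED_SAMPLE = "pandas\nopenpyxl\npython-dotenv\nrequests\n"

# A pinned-and-hashed entry plus a range-pinned one. The digest is a placeholder.
PINNED_SAMPLE = (
    "requests==2.32.3 \\\n"
    "    --hash=sha256:" + "0" * 64 + "\n"
    "pandas>=2.0  # comment\n"
)

REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*(.*)$")
HASH_RE = re.compile(r"--hash=sha(256|384|512):[0-9a-fA-F]+")
EXACT_PIN_RE = re.compile(r"==\s*[0-9][0-9A-Za-z.!+]*")


def join_continuations(text):
    """Merge backslash-continued lines and drop comments and blank lines."""
    logical, buf = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # '#' inside URLs is not handled
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            logical.append(buf.strip())
        buf = ""
    if buf.strip():
        logical.append(buf.strip())
    return logical


def classify_requirement(line):
    """Describe one logical requirement line: name, exact pin, hash present."""
    if line.startswith("-"):
        return {"name": line, "kind": "option", "pinned": False, "hashed": False}
    m = REQ_RE.match(line)
    if not m:
        return {"name": line, "kind": "unparsed", "pinned": False, "hashed": False}
    name, _extras, rest = m.groups()
    # Version specifier is what precedes any --hash options and any ';' marker.
    spec = rest.split("--hash", 1)[0].split(";", 1)[0].strip()
    pinned = bool(EXACT_PIN_RE.fullmatch(spec)) and "*" not in spec
    hashed = bool(HASH_RE.search(rest))
    return {"name": name, "kind": "package", "pinned": pinned, "hashed": hashed}


def audit_requirements(text):
    """Return one finding per requirement that is unpinned or lacks a hash."""
    findings = []
    for line in join_continuations(text):
        info = classify_requirement(line)
        problems = []
        if info["kind"] != "package":
            problems.append(info["kind"])
        else:
            if not info["pinned"]:
                problems.append("unpinned")
            if not info["hashed"]:
                problems.append("no hash")
        if problems:
            findings.append({"name": info["name"], "problems": problems})
    return findings


if __name__ == "__main__":
    for f in audit_requirements(UNPINNED_SAMPLE):
        print(f["name"], ", ".join(f["problems"]))
    print(audit_requirements(PINNED_SAMPLE))
```

Run it over the requirements file you intend to ship with the skill; an empty result means every package resolves to one exact version and pip can verify each download with `--require-hashes`.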