Feishu ClawBot Card
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A card from someone else could produce a command that does more than import the card if it is copied into a shell or executed by an agent.
The render command places card content inside single quotes for a shell command. Imported card fields can contain single quotes, and JSON.stringify does not make the result safe for shell quoting, so a malicious card could break out of the argument if a user or agent runs the generated command.
Evidence: `node skills/feishu-clawbot-card/index.js import '${JSON.stringify(CardProtocolSchema.parse(card))}'`
Recommendation: do not run generated import commands from untrusted cards. The skill should output raw JSON for import, use a safe transport such as a file or stdin argument, or properly shell-escape single quotes before displaying a command.
If you import an inaccurate or spoofed card, the agent may later remember and display the wrong identity information.
The skill is designed to persist identity cards received from others. Schema validation checks format, but the artifacts do not show cryptographic signing or verification that the claimed Feishu identity really belongs to the sender.
When someone sends you their card JSON (following FCC-v1 protocol), save it to your registry.
Only import cards from trusted sources, verify Feishu IDs out-of-band when identity matters, and periodically review or delete stale cards.
Users have less external context for who maintains the skill or where updates come from.
The package contents were provided for review, but the registry metadata does not provide a clear source repository or homepage for provenance checks.
Source: unknown; Homepage: none
Prefer installing from a trusted, auditable source and verify future updates before use.
