Skill v1.0.0

ClawScan security

Feishu Image Sender 飞书发图指南 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 3:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and instructions are internally consistent with a Feishu (飞书) bot image-sending helper; it requires no extra installs or credentials beyond the platform's existing Feishu channel and explains common failure modes. Minor documentation nit: it expects access to local image file paths but declares no config-path requirements.
Guidance
This skill appears to do what it says: help send images through a Feishu Bot App. Before installing, confirm that your OpenClaw Feishu channel is configured as a Bot App (with the im:resource, im:message, and im:message:send_as_bot scopes) rather than a webhook. Be aware that the skill's recommended usage expects the agent to read local image file paths you provide (absolute filePath), so avoid sending sensitive images you would not want the agent or the configured bot to access. Finally, if you operate across multiple Feishu tenants, note that image_key is tenant-bound and that token expiry can cause intermittent failures; verify that app_id/app_secret are correct in your channel configuration.

Review Dimensions

Purpose & Capability
note
Skill name/description (Feishu image/file sending) matches the instructions (use the platform 'message' tool, two-step upload via /im/v1/images then /im/v1/messages). However, the SKILL.md instructs using absolute local file paths (filePath="/absolute/path/to/image.jpg"), which implies the agent will need read access to user files; the registry metadata lists no required config paths. This is explainable (sending an image legitimately requires reading the image file) but is a small mismatch between declared metadata and the runtime behavior described.
Instruction Scope
ok
Instructions are narrowly scoped to Feishu IM operations: call the message tool, upload images via the upload API, and then send messages with image_key. The guide documents failure modes, error codes, and distinguishes webhook bots vs Bot App. It does not instruct the agent to read unrelated system files, exfiltrate data, or contact endpoints outside Feishu APIs (aside from referencing official docs).
Install Mechanism
ok
No install spec or code files — instruction-only. No downloads or third-party packages are proposed, so there is no install-time risk.
Credentials
ok
The skill declares no required environment variables or credentials; it relies on the platform's Feishu channel having im:resource, im:message, and im:message:send_as_bot scopes. The SKILL.md mentions tenant_access_token lifecycle (TTL ~2h) and that OpenClaw refreshes tokens automatically; requesting those Feishu scopes is appropriate for the described functionality. No unrelated secrets are requested.
Persistence & Privilege
ok
Skill is not always-enabled and has no install-time persistence. It does not request modification of other skills or system-wide settings. Autonomous invocation is allowed by platform default but is not combined with other suspicious privileges.