Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
send image in feishu
v1.0.0
Send images inline in Feishu chat by uploading via API to get image_key, then sending an image message using receive_id_type in the URL query.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Verdict: Suspicious · high confidence
Purpose & Capability
The stated purpose (send images via the Feishu API) matches the instructions (upload image → get image_key → send). However, the skill does not declare that it needs a Node runtime or any credentials, yet the instructions require reading openclaw.json for appId/appSecret and executing node. The need to access local configuration files (openclaw.json) and the presence of a hardcoded appSecret in the SKILL.md are not proportionate to the declared requirements.
Instruction Scope
Runtime instructions direct the agent to (a) read openclaw.json for credentials, (b) generate a temp file under /tmp, (c) run that file with node, and (d) read an absolute IMAGE_PATH. Reading a global config file and executing generated code are higher-privilege actions that go beyond a simple message-send helper and are not explicitly constrained or justified in the skill metadata.
Install Mechanism
This is instruction-only (no install spec), which avoids writing code to disk during install. However, the runtime relies on an implicit binary (node) that is not declared in required binaries. Generating and executing temporary JS on disk is a runtime install-like action and should have been declared.
Credentials
requires.env lists nothing, but the SKILL.md instructs reading openclaw.json to extract appId/appSecret (sensitive). The doc even includes a concrete appSecret value for the 'cto' account. Asking for/using a tenant app secret and reading a global channels config is high-sensitivity and is not represented in the skill's declared requirements — this mismatch is disproportionate and exposes secrets.
Persistence & Privilege
The skill is not always:true and does not request persistent system presence. It instructs creating and removing a temporary file and does not claim to modify other skills or system-wide config. Autonomous invocation is allowed by default but is not combined here with other elevated privilege requests.
What to consider before installing
This skill will create and execute a temporary Node.js script and read your local openclaw.json to get app credentials, yet it declares no required binaries or credentials and even includes a hardcoded appSecret in the instructions. Before installing or using it:
(1) Do NOT trust or reuse the hardcoded appSecret. Treat it as a leaked secret and rotate it immediately if it is real.
(2) Require the author to explicitly declare that node is required and to move credentials to secure env vars or a secrets manager rather than reading global config files.
(3) Prefer a version that asks for appId/appSecret at runtime or uses an official SDK instead of writing/executing ad-hoc scripts.
(4) If you must run it, run it in an isolated environment, audit the generated script before execution, and restrict the Feishu app’s permissions.
(5) Ask the publisher why openclaw.json must be read and request that they remove the embedded secret from SKILL.md.
latest: vk97818n2ha8qphf51xmzcz1azn84a4hx
