feishu-meeting-minutes

Pass

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Feishu meeting-minutes tool, but it uses local command execution and Feishu account permissions to read transcripts and optionally upload PDFs.

Before installing, confirm you are comfortable granting Feishu transcript-read access and optional Drive upload access. Use trusted local CLI tools, provide only the intended meeting URL/token or transcript file, and review the generated minutes before uploading or sharing them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill may execute local CLI tools that can read Feishu data, create files, generate PDFs, or upload results when requested.

Why it was flagged

The script can run local commands. This matches the documented workflow for lark-cli, pandoc, and xelatex, but users should notice that the skill is not purely text-only.

Skill content

import { spawnSync } from "node:child_process";

Recommendation

Use trusted local installations of node, lark-cli, pandoc, and xelatex, and run the script only with intended tokens, transcript files, and output directories.

What this means

The skill can access Feishu meeting transcripts and, when upload is used, create files in Feishu cloud storage under the authenticated account.

Why it was flagged

The skill asks the user to authorize Feishu scopes for reading meeting content and optionally uploading files. These permissions are relevant to the stated purpose but involve private account data.

Skill content

lark-cli auth login --scope "minutes:minutes:readonly minutes:minutes.artifacts:read minutes:minutes.transcript:export vc:note:read drive:file:upload"

Recommendation

Authorize only the scopes you need, avoid --upload unless you want a cloud copy, and review generated minutes before distributing them.

What this means

If a local dependency is missing, outdated, or replaced by an untrusted binary, the skill could fail or run the wrong local program.

Why it was flagged

The skill depends on external local binaries rather than an install spec-managed dependency set. This is disclosed and purpose-aligned, but tool provenance is left to the user environment.

Skill content

- Requires `node`
- `lark-cli` is required for fetching Feishu Minutes and uploading files
- `pandoc` and `xelatex` are required when using `--pdf`

Recommendation

Install dependencies from official sources and confirm the expected binaries are first on PATH before running the skill.