Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Feishu Send Message as App
v1.0.0
Send a Feishu IM message as the app (bot identity). Use when you need to send a message that appears to come from the bot/app, not the user. Uses App Access...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's purpose (send Feishu messages as the app) matches the included script. However, the registry metadata declares no required credentials or config paths, while SKILL.md and the script read appId and appSecret from openclaw.json (default /root/.openclaw/openclaw.json). The omission in metadata is an inconsistency that could hide sensitive file access.
Instruction Scope
SKILL.md and scripts instruct the agent to read credentials from openclaw.json, call Feishu API endpoints, and cache an app token in /tmp/feishu_app_token.cache. The instructions stay within the Feishu API domain, but they reference and read a local config file that was not declared in the registry, which expands scope beyond what's advertised.
Install Mechanism
No install spec; this is an instruction-only skill with a small included shell script. Nothing is downloaded or written during install beyond the script itself.
Credentials
Registry lists no required environment variables or primary credential, yet the script requires appId/appSecret (read from openclaw.json) and supports optional FEISHU_* env vars for convenience. Requesting access to local stored credentials without declaring them is disproportionate to the metadata and should be justified.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills. It writes a cached app token to /tmp/feishu_app_token.cache (temporary, potentially world-readable) but otherwise does not request persistent elevated privileges.
What to consider before installing
This skill's code does what it says (gets an app token and posts to Feishu), but the registry metadata fails to declare that it reads appId/appSecret from an openclaw.json file (default /root/.openclaw/openclaw.json). Before installing: (1) confirm where your Feishu app credentials are stored and whether you want this skill to read that file; (2) ensure the openclaw.json file permissions are restrictive and that you trust the skill's origin; (3) be aware the script caches the app token in /tmp (may be readable by other users on the host); (4) review the script locally to ensure it matches your expectations and consider testing in an isolated environment. If you need higher assurance, ask the publisher to update registry metadata to declare the required config path and to explain token caching behavior.
Like a lobster shell, security has layers — review code before you run it.
