Skill v1.0.1

ClawScan security

Feishu Openapi Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 19, 2026, 12:11 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's files and instructions mostly match its stated Feishu/Lark IM purpose, but there are a few coherence gaps (undeclared required binary and unlisted credential usage) that you should understand before installing.
Guidance
This skill appears to do what it claims (Feishu/Lark IM integration) but you should confirm a few things before installing:
1) Ensure you have the 'uxc' binary available — SKILL.md requires it but the registry metadata does not list it.
2) Expect to supply sensitive credentials (app_id/app_secret or tenant token); follow secure practices (use a secrets store, avoid plain-shell history, don't paste secrets into logs).
3) The skill's long-connection subscribe writes to a local sink file (e.g., $HOME/.uxc/subscriptions/feishu.ndjson); confirm you are comfortable with message intake being written to disk.
4) The included scripts/validation use ripgrep (rg) and jq — those tools are required only for validation.
5) Because the skill source and homepage are unknown, inspect the OpenAPI schema and SKILL.md yourself and prefer setting up credentials in a scoped service account with minimal permissions.
If you need higher assurance, ask the publisher for provenance (homepage, repository) or run the validate.sh checks in an isolated environment first.

Review Dimensions

Purpose & Capability
note: The name/description, OpenAPI schema, usage examples, and SKILL.md all consistently document an IM-focused Feishu/Lark integration via the 'uxc' tooling. That capability aligns with the files included (schema, examples, subscribe guidance).
Instruction Scope
ok: SKILL.md stays on-scope for an IM integration: it instructs using uxc to link a schema, call IM and contact endpoints, upload files/images, and subscribe for inbound messages. It references writing a subscription sink file and uploading local files, which are expected for this use case and do not attempt to read unrelated system state.
Install Mechanism
ok: No install spec — instruction-only skill — so nothing will be downloaded or written by the skill itself. The included validation script is benign and only checks files/formats.
Credentials
concern: SKILL.md assumes use of sensitive credentials (FEISHU_APP_ID, FEISHU_APP_SECRET, or FEISHU_TENANT_ACCESS_TOKEN) and shows commands that bind tokens into uxc. Those are appropriate for this integration, but the registry metadata lists no required env vars and no primary credential. Additionally, SKILL.md requires the 'uxc' binary (and the validate script requires 'rg' and 'jq'), but the published metadata lists no required binaries. The mismatch between instructions and declared requirements is a coherence issue users should be aware of.
Persistence & Privilege
ok: The skill does not request 'always: true' and does not modify other skills or system-wide settings. Autonomous invocation is allowed (default) but is not combined with other high-risk flags here.