v1.0.0

feishuFindDoc

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 6:06 AM.

Analysis

The skill mostly matches its stated Feishu file-download purpose, but it should be reviewed because it uses Feishu app credentials and writes downloaded files using the chat-provided filename without path confinement.

Guidance: Review the Feishu app permissions before use, pin or verify npm dependencies, and avoid running the current version on untrusted chats until the filename-to-path handling is hardened.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
index.js
const fileName = content.file_name; ... const outputPath = path.join(options.output, fileName); ... await fs.promises.writeFile(outputPath, dataToWrite);

The local save path is built from a filename taken from Feishu message content, and the code writes to that path without rejecting path separators, '..', or verifying containment in the output directory.

User impact: A crafted or unexpected filename in chat could cause the downloaded content to be saved outside the intended folder or overwrite a writable local file.
Recommendation: Sanitize the Feishu filename with a basename-only policy, reject path traversal components, resolve the final path, ensure it stays inside the output directory, and confirm before overwriting files.
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
package.json
"dependencies": { "commander": "^12.0.0", "@larksuiteoapi/node-sdk": "^1.26.0" }

The skill depends on external npm packages with caret version ranges, so installation may resolve to newer compatible versions rather than an exact reviewed version.

User impact: The code installed at setup time can vary within the allowed dependency ranges.
Recommendation: Pin dependency versions with a lockfile and install from trusted registries before use.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
SKILL.md
- `FEISHU_APP_ID` and `FEISHU_APP_SECRET` must be set in environment.

The skill requires Feishu app credentials to list chat messages and download message resources, while the registry metadata declares no required environment variables or primary credential.

User impact: Installing and using the skill gives it access through the configured Feishu app, which may include private chat history and files depending on that app's permissions.
Recommendation: Use least-privilege Feishu app credentials, declare the required environment variables and Feishu scopes in metadata, and run it only for intended chat IDs and filenames.