ClawHub

multi-agent-feishu 多飞书账号接入不同agent

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only setup guide for connecting multiple OpenClaw agents to Feishu bots, with expected credential-handling precautions.

Use only Feishu apps you control, grant the minimum bot permissions needed, keep ~/.openclaw/openclaw.json and backups out of source control and shared locations, restrict local file access where possible, and rotate the Feishu app secret if it may have been exposed. Verify each agent-to-account binding before using the bots in real chats.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill instructs users to place Feishu `appId` and `appSecret` directly into a local configuration file, but provides no guidance on protecting that file, limiting permissions, avoiding commits, or using a secret manager. This creates a real secret-handling weakness because local config files are commonly exposed through weak filesystem permissions, backups, logs, screenshots, or accidental source control check-ins.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation includes an `appSecret` field and example secrets but provides no warning about treating these values as sensitive credentials, avoiding commits to version control, or using a secrets manager. In a multi-agent/multi-account Feishu integration skill, this omission increases the chance that operators will paste real secrets into config files, docs, screenshots, or repositories, leading to credential leakage and compromise of connected bot accounts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal