Feishu Forwarded Message Reader (飞书转发消息读取器)

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill appears to do what it claims—read Feishu forwarded-message contents—but it uses Feishu app credentials and sensitive read-only message permissions that users should understand.

Install only if you trust the skill with your Feishu app credentials and the messages visible to that app. Check the Feishu app permissions, keep the app secret private, and run it only for message IDs you intend to inspect.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The Feishu app credentials used with this skill may allow reading chat messages visible to that app and displaying sender identity information.

Why it was flagged

The skill explicitly requires a Feishu app permission that can read group messages and optionally retrieve user profile information. This is sensitive, but it is disclosed and directly related to resolving forwarded message contents and sender names.

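Skill content

The Feishu app requires the following permissions:
- `im:message:readonly` - Read all messages in groups (sensitive permission)
- `contact:contact.base:readonly` - Read basic user information (optional, used to display user names)

Recommendation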

Use a least-privilege Feishu app, protect the app secret, run the skill only for intended message IDs, and use the --no-names option if sender name lookup is not needed.

What this means

If OpenClaw already has Feishu configured, the skill can use those local app credentials without the user manually re-entering them.

Why it was flagged

The Python helper automatically reads Feishu app credentials from the local OpenClaw configuration if command-line or environment credentials are not provided. The behavior is disclosed in SKILL.md and scoped to Feishu API use, but the registry metadata does not declare a primary credential or required config path.

Skill content

openclaw_config_path = Path.home() / '.openclaw' / 'openclaw.json' ... feishu_config = config.get('channels', {}).get('feishu', {}) ... config_app_secret = feishu_config.get('appSecret')

Recommendation

Confirm that you are comfortable with this skill using the Feishu appId/appSecret from ~/.openclaw/openclaw.json, and review Feishu app permissions before use.

What this means

The skill may fail or require manual dependency setup even though the registry metadata says no binaries are required.

Why it was flagged

The shell helper depends on curl and jq, and the Python script imports requests, while the registry requirements list no required binaries and no install spec. This is an operational/provenance gap, not hidden installation or execution.

Skill content

TOKEN=$(curl -s -X POST 'https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal' ... | jq -r '.tenant_access_token')

Recommendation

Before use, verify that python3, the requests package, curl, and jq are available, and install them from trusted sources if needed.