智能报告生成器
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill’s reporting purpose is coherent, but it encourages automatic Feishu output from potentially sensitive data sources without clear scope, recipients, or approval boundaries.
Before installing, decide exactly which files, Feishu tables, and database queries the skill may use. Do not enable automatic sending until the Feishu destination, sharing permissions, and review process are clear.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Reports could be sent or created in a Feishu workspace automatically, potentially before the user has checked the contents or destination.
The skill recommends automatic sending to Feishu as the default output path, but does not specify user approval, destination, sharing permissions, or review before publication.
- Default Output: feishu_doc - Auto Send: true
Require explicit confirmation before each external send, and document the exact Feishu destination, sharing scope, and whether reports can be edited or deleted afterward.
Sensitive local or business data could be included in generated reports and placed into an external workspace without clearly documented limits.
The skill may move data from files, Feishu tables, JSON, and database query results into Feishu documents, but the artifacts do not define data boundaries, allowed sources, destinations, or retention.
- 飞书多维表格 - CSV/Excel 文件 - JSON 数据 - 数据库查询结果 ... - 飞书文档
Limit allowed input paths and database scopes, require the user to choose the output destination, and document what data is sent to Feishu and how it is retained.
If connected with broad Feishu or database access, the skill may be able to read more business data than intended for a single report.
Using Feishu tables and database query results likely requires account or database privileges; this is purpose-aligned, but the artifacts do not describe credential scope or least-privilege setup.
飞书多维表格 ... 数据库查询结果
Use least-privilege Feishu/database credentials, restrict access to specific tables or queries, and avoid granting broad workspace or database permissions.