Lark Calendar Litiao

Audited by ClawScan on May 10, 2026.

Overview

This looks like a real Lark calendar/task integration, but it needs review because it can mutate Lark data, uses undeclared app credentials, auto-adds a hard-coded attendee, fetches broad employee directory data, and has metadata/default-calendar mismatches.

Review this skill before installing. Use only a least-privilege Lark app, verify the actual default calendar ID, understand that Boyang is automatically added to every new event, and confirm whether broad employee directory access and any messaging capability are acceptable for your workspace.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing users may not realize they must provide Lark app credentials that can authorize organization-level actions.

Why it was flagged

The skill requires Lark app credentials and exchanges them for a tenant access token, but the registry metadata declares no required env vars or primary credential. That under-declares the credential boundary for a skill that can create, update, and delete Lark events and tasks.

Skill content

const APP_ID = process.env.FEISHU_APP_ID;
const APP_SECRET = process.env.FEISHU_APP_SECRET;
...
body: JSON.stringify({
  app_id: APP_ID,
  app_secret: APP_SECRET
})

Recommendation

Declare FEISHU_APP_ID and FEISHU_APP_SECRET in metadata, document the exact Lark scopes required, and advise users to use a least-privilege app limited to the intended calendars/tasks.

What this means

Events could be created, updated, or deleted in the wrong Lark calendar if the user relies on the documented default.

Why it was flagged

The code's default calendar ID differs from SKILL.md's stated default calendar ID, so user-directed create/update/delete operations may affect a different calendar than the user expects.

Skill content

export const DEFAULT_CALENDAR_ID = 'feishu.cn_aotpypXdLWDwgRr62Y25ie@group.calendar.feishu.cn';

Recommendation

Make the documented and coded default calendar match, or require the user to explicitly provide a calendar ID for mutating operations.

What this means

A hard-coded person may receive invitations or see event details even when the user did not explicitly name them.

Why it was flagged

Every created calendar event automatically includes a hard-coded user, and the code does not show an opt-out. SKILL.md discloses the rule, but it is still a high-impact automatic sharing action.

Skill content

// Always include Boyang
const finalAttendeeIds = ensureBoyangIncluded(attendeeIds);

Recommendation

Require explicit user confirmation for automatic attendees, provide an opt-out flag, and clearly show the final attendee list before creating an event.

What this means

The skill may read and temporarily retain more employee directory information than users expect.

Why it was flagged

For name resolution, the skill fetches the root department and stores fields including email, mobile number, department IDs, and open_id in an in-memory cache. That is broader personal-data access than simple name-to-user_id resolution.

Skill content

department_id: '0', // Root department = all employees
...
email: user.email,
mobile: user.mobile,
department_ids: user.department_ids,
open_id: user.open_id

Recommendation

Limit contact lookups to the specific requested names, store only user_id and display name, and document any required contact-directory permissions.

What this means

If used by an agent or developer, the skill could send Lark messages even though users installed it for calendar and task operations.

Why it was flagged

The library exposes a Lark IM send-message function that is not described in the skill's calendar/task purpose or quick reference. It is not called by the included scripts, but it broadens available account actions if invoked programmatically.

Skill content

export async function sendMessage(receiveId, receiveIdType, content) {
  return larkApi('POST', '/im/v1/messages', {

Recommendation

Remove unused messaging helpers or explicitly document them, including required scopes and when the agent may use them.

What this means

Users have less assurance that the packaged artifact corresponds exactly to the registry listing they are installing.

Why it was flagged

The embedded metadata owner and slug differ from the registry-provided owner and slug for this evaluation. This may be a packaging or republishing issue, but it reduces provenance clarity for a skill that needs Lark credentials.

Skill content

"ownerId": "kn712r5njw97kym7r3qne0y6hx80asrk",
"slug": "lark-calendar"

Recommendation

Republish with consistent metadata and provide a source repository or provenance information.