Skill v1.0.2
ClawScan security
Feishu Task Bot identity · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 10, 2026, 10:16 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, declared requirements, and instructions align with its stated purpose (calling Feishu/Lark v1 Task APIs as a Bot); it asks only for the expected Feishu app credentials and contains no surprising installs or external endpoints.
- Guidance: This skill appears to do exactly what it claims: use the Feishu app credentials to fetch Bot tasks via the official v1 API. Before installing, verify (1) you are comfortable providing FEISHU_APP_ID / FEISHU_APP_SECRET to the environment (these are sensitive and grant app-level access), (2) the referenced ../lark-shared/SKILL.md is safe and contains only guidance (inspect it if possible), and (3) the Feishu app has minimal scopes needed (task:task:read / task:task:write). If in doubt, review the included scripts (scripts/lark-task-bot-list.py) locally and run them in a controlled environment with test credentials first.
Review Dimensions
- Purpose & Capability (ok): Name/description say 'Bot/app identity for Feishu tasks' and the package only requires FEISHU_APP_ID / FEISHU_APP_SECRET and Python; the included script obtains a tenant_access_token and calls the v1 task APIs. This is proportional and expected.
- Instruction Scope (note): SKILL.md instructs the agent to read an external file '../lark-shared/SKILL.md' (for authentication/identity rules). Reading that shared skill document is not inherently malicious, but it is a cross-skill dependency that the operator should review because it grants the skill contextual guidance outside its own bundle.
- Install Mechanism (ok): No install spec; the skill is instruction-only with a small Python script included. Nothing is downloaded or written to disk by an installer.
- Credentials (ok): Only FEISHU_APP_ID and FEISHU_APP_SECRET are required/declared (primaryEnv set to FEISHU_APP_ID). These credentials are exactly what a Bot/app identity needs to obtain a tenant_access_token and call the v1 API.
- Persistence & Privilege (ok): always is false and the skill does not request persistent system-level privileges or modify other skills. It performs normal outbound HTTPS calls to official open.feishu.cn endpoints.
