v1.3.1

Lark/Feishu Sheets & Cloud File Download (with PDF extraction)

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:34 AM.

Analysis

The skill is coherent and disclosed, but it uses Feishu/Lark app credentials to read/write cloud spreadsheets and auto-installs PDF libraries when needed.

Guidance

Before installing, make sure the Feishu/Lark app uses least-privilege scopes, only intended files are shared with the app, and write operations are run only after confirming the target sheet and range. Be aware that PDF extraction may install third-party Python packages via pip.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/sheets_write.py
This script provides:
- Write cell values to a range (single or batch)
- Add a new sheet tab
- Clone an existing sheet's values into a new sheet

The script intentionally exposes cloud spreadsheet mutation operations. This matches the skill purpose, but these actions can change business or shared data.

User impact: A mistaken write, batch write, or sheet-clone command could alter a shared spreadsheet.
Recommendation: Confirm the target spreadsheet token, sheet/range, and values before running write/add/clone operations, especially on shared or production spreadsheets.
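The recommendation above can be turned into a mechanical pre-write check rather than a manual habit. The following is an added example, not code from the skill or from the scanner: an allowlist of spreadsheet tokens and the sheet region each is permitted to write, a parser for the range, and a wrapper that defaults to a dry run. It assumes Feishu/Lark ranges are written as `<sheetId>!A1:C10` (sheet id, then an A1-style rectangle); the token, sheet id, and region values are made up for illustration.

```python
"""Added example (not the skill's own code): a pre-write guard for sheet mutations.

Assumptions not stated in the scan report:
  * ranges look like "<sheetId>!A1:C10" (a single cell "<sheetId>!B2" is also accepted)
  * the operator keeps an allowlist of spreadsheet tokens and the sheet region
    each may write; the values below are constructed placeholders
"""
import re

# Hypothetical allowlist: spreadsheet token -> sheet id -> region writes may touch.
ALLOWED_WRITES = {
    "shtcnExampleToken0001": {"0b5a1e": "A1:Z1000"},
}

_CELL_RE = re.compile(r"^([A-Z]+)(\d+)$")
_RANGE_RE = re.compile(r"^([^!]+)!([A-Z]+\d+)(?::([A-Z]+\d+))?$")


def col_to_index(col):
    """Spreadsheet column letters to a 1-based index: A=1, Z=26, AA=27."""
    n = 0
    for ch in col:
        n = n * 26 + (ord(ch) - ord("A") + 1)
    return n


def parse_range(rng):
    """Parse "sheetId!A1:C10" (or a single cell) into (sheet_id, c1, r1, c2, r2).

    Corners are normalised so (c1, r1) is top-left however the range was typed.
    Raises ValueError on anything that is not a well-formed range.
    """
    m = _RANGE_RE.match(rng)
    if not m:
        raise ValueError(f"malformed range: {rng!r}")
    sheet_id, start, end = m.group(1), m.group(2), m.group(3) or m.group(2)
    c1, r1 = _CELL_RE.match(start).groups()
    c2, r2 = _CELL_RE.match(end).groups()
    cols = sorted((col_to_index(c1), col_to_index(c2)))
    rows = sorted((int(r1), int(r2)))
    return sheet_id, cols[0], rows[0], cols[1], rows[1]


def write_allowed(token, rng, allowlist=ALLOWED_WRITES):
    """Return (ok, reason): ok only if the token is allowlisted and the requested
    rectangle lies entirely inside the permitted region of that sheet."""
    sheets = allowlist.get(token)
    if sheets is None:
        return False, "spreadsheet token not allowlisted"
    sheet_id, c1, r1, c2, r2 = parse_range(rng)
    if sheet_id not in sheets:
        return False, f"sheet {sheet_id} not allowlisted for this spreadsheet"
    _, ac1, ar1, ac2, ar2 = parse_range(f"{sheet_id}!{sheets[sheet_id]}")
    if c1 < ac1 or r1 < ar1 or c2 > ac2 or r2 > ar2:
        return False, f"range {rng} extends outside permitted region {sheets[sheet_id]}"
    return True, "ok"


def guarded_write(token, rng, values, do_write, dry_run=True):
    """Wrap a write call: refuse unless allowlisted, and default to a dry run so the
    operator sees the target and the payload shape before anything is mutated.

    do_write is the real API call (token, range, values) -> result; it is only
    invoked when dry_run=False and the guard passed."""
    ok, reason = write_allowed(token, rng)
    if not ok:
        raise PermissionError(reason)
    rows = len(values)
    cols = max((len(r) for r in values), default=0)
    if dry_run:
        return {"dry_run": True, "token": token, "range": rng, "rows": rows, "cols": cols}
    return do_write(token, rng, values)
```

The same guard applies to add-sheet and clone operations: treat the destination sheet as the "range" and require it to be allowlisted before the call is made. Keep the allowlist outside the agent's writable context so a prompt cannot widen it.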
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/file_download.py
subprocess.run([sys.executable, "-m", "pip", "install", *packages], check=True, capture_output=True)

The PDF extraction helper can install Python packages dynamically via pip, and the artifacts do not pin package versions. This is disclosed in the README/SKILL and supports the PDF feature, but it relies on external package supply-chain integrity.

User impact: Running PDF extraction may download and install third-party Python packages into the local environment.
Recommendation: If supply-chain control matters, preinstall reviewed/pinned versions of pdfplumber, pypdf, pymupdf, and related PDF packages in a controlled environment before using the skill.
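The recommendation above amounts to a fail-closed dependency check. As an added example (not the skill's or the scanner's code), here is what the PDF helper could do instead of calling `pip install` at runtime: compare what is installed against a reviewed, pinned allowlist and refuse to continue if anything is missing or at an unreviewed version. The version numbers in `PINS` are placeholders chosen for illustration, not versions the report vouches for.

```python
"""Added example (not the skill's own code): replace the runtime
`subprocess.run([sys.executable, "-m", "pip", "install", *packages])` pattern
with a refuse-if-not-reviewed check.

Assumption: the pinned versions below are illustrative placeholders; a real
deployment would pin whatever its own review approved.
"""
from importlib import metadata

# Hypothetical pinned allowlist: distribution name -> exact reviewed version.
PINS = {
    "pdfplumber": "0.11.4",
    "pypdf": "4.3.1",
    "pymupdf": "1.24.9",
}


def installed_versions(names):
    """Return {name: version} for the requested distributions that are installed."""
    found = {}
    for name in names:
        try:
            found[name] = metadata.version(name)
        except metadata.PackageNotFoundError:
            pass
    return found


def check_pins(pins, installed):
    """Compare an installed-version map against the pinned allowlist.

    Returns (missing, mismatched): distributions not installed at all, and
    distributions present at a version other than the pinned one ({name: actual}).
    """
    missing = sorted(n for n in pins if n not in installed)
    mismatched = {n: installed[n] for n in pins if n in installed and installed[n] != pins[n]}
    return missing, mismatched


def ensure_pdf_deps(pins=PINS):
    """Hardened replacement for the auto-install helper.

    Never installs anything. If the environment is not in the reviewed state,
    raise with the exact preinstall command the operator should run out of band.
    """
    missing, mismatched = check_pins(pins, installed_versions(pins))
    if missing or mismatched:
        wanted = " ".join(f"{n}=={v}" for n, v in pins.items())
        raise RuntimeError(
            "PDF dependencies are not in the reviewed state: "
            f"missing={missing} mismatched={mismatched}. "
            f"Preinstall in a controlled environment with: pip install {wanted}"
        )
    return True
```

Pinning exact versions is the minimum; for stronger supply-chain control, generate a hash-locked requirements file from the reviewed environment and install with `pip install --require-hashes`, which rejects any artifact whose digest differs from the reviewed one.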
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Reads Feishu app credentials (appId/appSecret) from ~/.openclaw/openclaw.json to authenticate with the Lark OpenAPI.

The skill needs app credentials to access Feishu/Lark APIs. This is disclosed and purpose-aligned, but app credentials can grant significant tenant-level access depending on configured scopes.

User impact: If installed and configured, the skill can act as the configured Feishu/Lark app on files and sheets shared with that app.
Recommendation: Use the least-privilege Feishu/Lark scopes needed, share only the intended sheets/files with the app, and protect the local openclaw.json credential file.
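"Protect the local credential file" is checkable before the secret is ever read. The block below is an added example, not code from the skill: it refuses to load the app credentials unless the file is a regular file owned by the current user with no group/other permission bits, and it never returns the secret in a loggable form. It assumes the file is JSON with top-level `appId` and `appSecret` keys (the report names the fields, not the layout), uses POSIX permission bits, and demonstrates on a constructed file in a temporary directory rather than on `~/.openclaw/openclaw.json`.

```python
"""Added example (not the skill's own code): gate credential loading on file
permissions and redact the secret for any log or console output.

Assumptions: JSON with top-level "appId"/"appSecret"; POSIX mode bits and
os.getuid (Linux/macOS). The demo writes a constructed file, not a real one.
"""
import json
import os
import stat
import tempfile


def credential_file_problems(path):
    """Return a list of reasons the credential file is unsafe to use (empty = fine)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return [f"{path} does not exist"]
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if st.st_mode & 0o077:
        problems.append(f"mode {stat.S_IMODE(st.st_mode):04o} allows group/other access; expected 0600")
    if st.st_uid != os.getuid():
        problems.append("not owned by the current user")
    return problems


def load_app_credentials(path):
    """Load appId/appSecret only after the permission checks pass.

    Raises PermissionError describing every problem found, or KeyError if the
    expected fields are absent; the caller decides how to surface that."""
    problems = credential_file_problems(path)
    if problems:
        raise PermissionError("; ".join(problems))
    with open(path) as fh:
        cfg = json.load(fh)
    missing = [k for k in ("appId", "appSecret") if not cfg.get(k)]
    if missing:
        raise KeyError(f"credential file lacks {missing}")
    return {"appId": cfg["appId"], "appSecret": cfg["appSecret"]}


def redact(secret, keep=4):
    """Mask all but the last `keep` characters so a secret can be logged safely."""
    return "*" * max(len(secret) - keep, 0) + secret[-keep:]


def demo():
    """Write a constructed credential file, check it world-readable, then at 0600."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "openclaw.json")
        with open(path, "w") as fh:
            json.dump({"appId": "cli_example", "appSecret": "not-a-real-secret"}, fh)
        os.chmod(path, 0o644)           # too loose: group/other can read the secret
        loose = credential_file_problems(path)
        os.chmod(path, 0o600)           # owner-only, as the check expects
        creds = load_app_credentials(path)
        return loose, creds["appId"], redact(creds["appSecret"])
```

The permission check is a local control only; it does not reduce what the app can do once authenticated. Scope minimisation on the Feishu/Lark side, as the recommendation says, is what bounds the blast radius if the file does leak.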