Skill v1.0.0
ClawScan security
Feishu Evolver Wrapper Local · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Mar 16, 2026, 5:21 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code generally matches a Feishu reporting wrapper, but it omits declaring required credentials and performs broad filesystem, process, and network operations that deserve review before installing.
- Guidance: This package contains many runnable scripts that will read workspace files, create PID/lock/log files, spawn background processes, execute shell commands, and send data to Feishu using tokens that the code expects (FEISHU_APP_ID, FEISHU_BOT_NAME, FEISHU_EVOLVER_DOC_TOKEN, and/or memory/feishu_token.json). The skill metadata does not declare those required credentials; verify them before installing. Actions to consider before running:
  1. Inspect or run the code in a sandbox or isolated container.
  2. Confirm where your Feishu tokens would be stored and consider creating a restricted token with minimal permissions for testing.
  3. Audit any missing modules referenced (../feishu-common, ../evolver) to ensure they are honest and available.
  4. Search the repo for all places that read files (memory/, logs/, assets/) to understand what might be uploaded to Feishu.
  5. If you do not trust the source, do not provide production credentials and run only in a throwaway environment.
  The skill appears to implement its claimed features, but the omission of declared credentials and broad system access makes it worth manual review before use.
Review Dimensions
- Purpose & Capability (concern): The code implements a Feishu integration and lifecycle/watchdog for an evolver (sending cards, creating Feishu Docs, exporting logs, running daemons). That aligns with the description. However, the registry/metadata declares no required environment variables or primary credential, while the code clearly expects Feishu credentials and other environment values (FEISHU_APP_ID, FEISHU_BOT_NAME, FEISHU_EVOLVER_DOC_TOKEN, OPENCLAW_MASTER_ID, etc.). This discrepancy is unexpected and disproportionate: an integration skill should declare the API tokens it needs.
- Instruction Scope (concern): SKILL.md gives a small surface (run node index.js, lifecycle.js, visualize_dashboard.js), but the included runtime instructions (code) touch many system and workspace areas: reading memory/, logs/, assets/gep/events.jsonl, /proc, MEMORY.md, creating/removing PID and lock files, spawning background processes, and calling external CLI tools (openclaw, shell commands). The code also reads token files (memory/feishu_token.json) and uploads content to Feishu. The SKILL.md does not enumerate these behaviors or the sensitive files it reads, so the instruction scope is broader than the docs indicate.
- Install Mechanism (note): No install spec is provided (instruction-only), which reduces installer risk. However, the bundle contains many executable JS scripts and a package.json with a local 'evolver' dependency (file:../evolver). There is no remote download in the install, but executing the included scripts will run non-trivial native operations.
- Credentials (concern): The registry declares no required env vars/credentials, but the code expects and will use multiple sensitive environment variables and token files (FEISHU_APP_ID, FEISHU_BOT_NAME, FEISHU_EVOLVER_DOC_TOKEN, OPENCLAW_MASTER_ID, Feishu token JSON in memory/feishu_token.json). The code attempts to scan for some secret patterns before sending, but the presence of many implicit/undeclared credentials and file reads is disproportionate and should be explicitly declared and justified.
- Persistence & Privilege (note): The skill does not set always:true. It spawns background processes/daemons, writes PID and lock files under the workspace (memory/, logs/), and can self-start internal watchdogs. That behavior is consistent with a daemon wrapper, but it gives the skill the ability to persist as background processes within the host workspace; users should expect it to create/modify files and processes while running.
