Feishu Advanced Builder
Audited by ClawScan on May 10, 2026.
Overview
This skill mostly matches its Feishu-building purpose, but it handles high-privilege Feishu app credentials and can print a tenant access token, even though the registry metadata does not declare that it uses those credentials.
Review before installing. Use a least-privilege Feishu app, verify that FEISHU_BASE_URL is unset or points only to the official Feishu API, avoid running get-tenant-token unless debugging, and do not share terminal/chat logs that may contain tokens. Check target document/table IDs and file contents before allowing the agent to write to Feishu.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can see the command output may get temporary Feishu app access within the app's granted scopes.
The helper command can print a Feishu tenant access token to stdout. Agent transcripts, terminal logs, or shared run output could capture this token, and SKILL.md does not warn users about this token exposure.
print({ ok: true, tenantAccessToken: token });
Avoid printing tenant tokens by default. Mask the value, require an explicit debug-only request, and keep tokens out of chat, logs, and shared terminal output.
If the environment variable is set incorrectly or by an untrusted party, the Feishu app secret could be sent somewhere other than Feishu.
The app ID and app secret are posted to a base URL controlled by an undocumented environment variable. The default is Feishu, but an unexpected FEISHU_BASE_URL value would redirect credential submission.
const BASE_URL = process.env.FEISHU_BASE_URL || 'https://open.feishu.cn/open-apis'; ... body: { app_id: APP_ID, app_secret: APP_SECRET }
Pin or validate the Feishu API host, document FEISHU_BASE_URL if it is supported, and warn users not to override it unless they control the endpoint.
Using the skill can create or change Feishu workspace content, including documents, whiteboards, and tables.
The skill explicitly states that it directly modifies Feishu document blocks and data records. This is aligned with the stated purpose, but it is still a meaningful mutation capability.
"It directly intervenes in Feishu's underlying atomic blocks (Block) and data row records."
Use it only with the intended Feishu app, verify target document/table IDs before running commands, and keep app permissions as narrow as possible.
The script may fail until the dependency is installed, and users may need to choose a package source/version themselves.
The markdown conversion script depends on an external package, but the supplied artifacts include no install spec, package manifest, or lockfile explaining the dependency source or version.
} = require('feishu-markdown');
Add a package manifest or install instructions with pinned dependency versions before relying on the script.
Content from selected local files can be uploaded into Feishu.
The script reads a user-selected local Markdown file and sends parsed table data to the Feishu API. This is expected for the stated purpose, but it is still an external data flow.
const md = fs.readFileSync(args.markdownFile, 'utf8'); ... await feishuFetch(`/bitable/v1/spreadsheets/${spreadsheetToken}/sheets/${sheetId}/records`,
Review files before passing them to the scripts, especially if they may contain private or regulated information.
