飞书@机器人 (Feishu @Bot)

Advisory: Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with the wrong chat, bot ID, or text, it could send an unintended message to a Feishu group.

Why it was flagged

The skill documents sending a Feishu group message that mentions a bot. This is expected for the skill, but it can post visible messages and notify other participants or bots.

Skill content

message action=send channel=feishu target=chat:CHAT_ID message="<at user_id=\"ou_xxx\">机器人名</at> 你好!"

Recommendation

Confirm the target chat ID, bot open_id, and message content before sending, especially in shared or production workspaces.

What this means

Anyone with the app secret or tenant token may be able to act within the Feishu app's granted permissions.

Why it was flagged

The workflow uses Feishu app credentials to obtain a tenant access token. This is purpose-aligned for Feishu API use, but the credential can authorize message-related actions.

Skill content

TOKEN=$(curl -s -X POST "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal" ... -d '{"app_id":"YOUR_APP_ID","app_secret":"YOUR_APP_SECRET"}' | jq -r '.tenant_access_token')

Recommendation

Use least-privilege Feishu app permissions, keep app secrets out of chat logs and files, and rotate credentials if they are exposed.

What this means

Messages sent through this skill may trigger other bots or workflows, so sensitive or ambiguous prompts could propagate beyond the current agent.

Why it was flagged

The skill is explicitly designed to communicate with other bots through Feishu group messages. This is disclosed and purpose-aligned, but it creates an inter-bot communication channel.

Skill content

In a Feishu group chat, @-mention another bot and send a message so that the mentioned bot receives a notification and responds.

Recommendation

Only send clear, intentional messages to known bots, and avoid including secrets or private data unless the receiving bot is trusted and authorized.

What this means

A wrong or outdated stored open_id could cause future messages to target the wrong bot.

Why it was flagged

The skill recommends persisting bot open_ids for reuse. This is limited and purpose-aligned, but stored identifiers can become stale or be reused in later tasks.

Skill content

Cache the bot open_id: after retrieving it, save it to TOOLS.md or a database to avoid repeated lookups.

Recommendation

Store only the needed bot identifiers, label them clearly, and periodically verify them against trusted Feishu message history or admin records.