Skill v1.0.0

ClawScan security

Feishu Doc Creator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 7:36 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and resource access are consistent with its stated purpose (creating Feishu documents via a robot app and transferring ownership). It automatically reads the OpenClaw config for Feishu credentials and requires elevated Feishu permissions, so review both before installing.
Guidance
This skill appears to do what it says: it uses a robot Feishu app to create documents and then transfers ownership to users. Before installing, review and accept the following:
(1) Inspect scripts/create-document.py yourself, particularly the ownership-transfer, permission-setting, and messaging calls, to verify what it does.
(2) Confirm that the Feishu app credentials stored in ~/.openclaw/openclaw.json belong to the intended app and that you trust that app; if you do not pass explicit credentials, the skill uses them automatically.
(3) Grant the Feishu app only the scopes it needs (review the listed scopes, such as docs:permission.member:transfer, drive:file, and im:message).
(4) Test on a non-production account or tenant first to confirm that ownership transfer and visibility settings behave as expected.
(5) Installation only runs pip install requests, but still run install.sh in a controlled environment.
If any of these points is unacceptable, either do not install the skill or give it a dedicated, narrowly scoped service account.
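The five guidance points above can be turned into a pre-install check. The script below is an added example, not the scanner's code and not the skill's own code: it scans a skill directory for the call sites a reviewer should read by hand (ownership transfer, permission changes, messaging), for the places the scripts can pick up credentials without being told (the OpenClaw config file and FEISHU_APP_ID/FEISHU_APP_SECRET), for remote fetches in install.sh, and for declared scopes outside a least-privilege allowlist, and it reports which app_id the config would hand over without printing the secret. The Feishu API path fragments, the openclaw.json layout ({"feishu": {"app_id": ..., "app_secret": ...}}) and the sample skill files are assumptions constructed for the demo.

```python
"""Pre-install audit for a ClawHub skill directory.

Added example, not the scanner's code or the skill's own code. Encodes the
guidance points as checks. Assumptions: the Feishu API path fragments, the
openclaw.json layout ({"feishu": {"app_id": ..., "app_secret": ...}}) and
the sample skill files, which are constructed below for the demo.
"""
import json
import re
import tempfile
from pathlib import Path
from typing import Optional

# Call sites the guidance says to inspect by hand (assumed API path fragments).
SENSITIVE_CALLS = {
    "ownership_transfer": re.compile(r"transfer_owner"),
    "permission_change": re.compile(r"/permissions/"),
    "messaging": re.compile(r"/im/v1/messages"),
}
# Places the script can pick up app credentials from without being told.
CREDENTIAL_SOURCES = {
    "openclaw_config": re.compile(r"\.openclaw/openclaw\.json"),
    "env_vars": re.compile(r"FEISHU_APP_(ID|SECRET)"),
}
REMOTE_FETCH = re.compile(r"\b(curl|wget)\b|https?://")
# Least-privilege allowlist: the scopes the report lists as needed.
ALLOWED_SCOPES = {"docs:permission.member:transfer", "drive:file", "im:message"}


def _scan(path: Path, patterns: dict) -> dict:
    """Return {pattern_name: ["file:line", ...]} for every match in path."""
    hits: dict = {}
    for lineno, line in enumerate(path.read_text().splitlines(), 1):
        for name, pat in patterns.items():
            if pat.search(line):
                hits.setdefault(name, []).append(f"{path.name}:{lineno}")
    return hits


def audit_skill(skill_dir: Path, declared_scopes: set) -> dict:
    """Collect the findings a reviewer should read before running install.sh."""
    findings: dict = {"sensitive_calls": {}, "credential_sources": {},
                      "remote_fetch": [], "extra_scopes": set()}
    for script in sorted(skill_dir.rglob("*.py")):
        for name, locs in _scan(script, SENSITIVE_CALLS).items():
            findings["sensitive_calls"].setdefault(name, []).extend(locs)
        for name, locs in _scan(script, CREDENTIAL_SOURCES).items():
            findings["credential_sources"].setdefault(name, []).extend(locs)
    install = skill_dir / "install.sh"
    if install.exists():
        findings["remote_fetch"] = _scan(install, {"remote": REMOTE_FETCH}).get("remote", [])
    findings["extra_scopes"] = set(declared_scopes) - ALLOWED_SCOPES
    return findings


def configured_app_id(config_path: Path) -> Optional[str]:
    """Report which Feishu app the skill would silently use; never the secret."""
    try:
        cfg = json.loads(config_path.read_text())
    except (OSError, ValueError):
        return None
    return cfg.get("feishu", {}).get("app_id")


def build_sample_skill() -> Path:
    """Write a constructed skill layout plus a constructed openclaw.json to a temp dir."""
    root = Path(tempfile.mkdtemp())
    (root / "scripts").mkdir()
    (root / "scripts" / "create-document.py").write_text(
        'import json, os, requests\n'
        'CONFIG = os.path.expanduser("~/.openclaw/openclaw.json")\n'
        'app_id = os.environ.get("FEISHU_APP_ID") or json.load(open(CONFIG))["feishu"]["app_id"]\n'
        'doc = requests.post(BASE + "/open-apis/docx/v1/documents", json={"title": title})\n'
        'requests.post(BASE + "/open-apis/drive/v1/permissions/" + token + "/members/transfer_owner", json={"member_id": user_open_id})\n'
        'requests.post(BASE + "/open-apis/im/v1/messages", json={"receive_id": user_open_id})\n'
    )
    (root / "install.sh").write_text(
        '#!/bin/sh\ncp -r . "$HOME/.openclaw/skills/feishu-doc-creator"\npip install -r requirements.txt\n'
    )
    (root / "openclaw.json").write_text(
        '{"feishu": {"app_id": "cli_demo_app", "app_secret": "not-a-real-secret"}}\n'
    )
    return root


if __name__ == "__main__":
    demo = build_sample_skill()
    # "contact:user.base:readonly" is a constructed extra scope to exercise the allowlist check.
    report = audit_skill(demo, ALLOWED_SCOPES | {"contact:user.base:readonly"})
    report["configured_app_id"] = configured_app_id(demo / "openclaw.json")
    print(json.dumps(report, indent=2, default=sorted))
```

Run it against the real skill directory and your real ~/.openclaw/openclaw.json in place of the constructed ones; every hit under sensitive_calls and credential_sources is a line to read before install, and any non-empty remote_fetch or extra_scopes is a reason to stop and ask why.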

Review Dimensions

Purpose & Capability
ok: The name and description (create Feishu docs, transfer ownership, send card links) match the provided code and runtime instructions. Reading ~/.openclaw/openclaw.json for app_id/app_secret is consistent with the stated 'auto-read OpenClaw configuration' behavior.
Instruction Scope
note: SKILL.md and the CLI instruct the agent to call scripts/create-document.py with user_open_id and optional credentials. The script reads the OpenClaw config file and may also take credentials from env vars or CLI args. This is within scope, but it means the skill silently uses any Feishu credentials present in ~/.openclaw/openclaw.json when none are passed explicitly.
Install Mechanism
ok: Installation is a simple install.sh that copies files into the skills directory and pip-installs requirements.txt (requests). The install script performs no remote downloads and references no untrusted URLs.
Credentials
note: The skill does not declare required env vars but accepts FEISHU_APP_ID/FEISHU_APP_SECRET or auto-reads ~/.openclaw/openclaw.json. Accessing the OpenClaw config to obtain app credentials is justified by its purpose, but users should be aware that the skill uses those secrets automatically if they are present.
Persistence & Privilege
ok: The always flag is false, and the skill requests no system-level persistence beyond installation into the agent's skills directory. It does require Feishu app permissions (including ownership transfer and sending messages), which are necessary for its features.