Back to skill
Skillv1.0.0
VirusTotal security
Feishu Doc Creator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 16, 2026, 7:36 AM
- Hash
- 62fc74bafb386e353a81fcb0e4ae4ebbec59538e14c8acb0ed534120f94567ff
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: feishu-doc-creator Version: 1.0.0 The skill bundle is designed to create Feishu documents by reading sensitive credentials (App ID and Secret) directly from the OpenClaw configuration file at `~/.openclaw/openclaw.json`. While this behavior is explicitly documented in `SKILL.md` as a feature to bypass platform-imposed document limits, the practice of a skill script accessing the host's primary configuration file is a high-risk behavior. The logic in `scripts/create-document.py` appears functionally aligned with its stated purpose and interacts only with official Feishu endpoints (open.feishu.cn), but the lack of credential isolation makes it suspicious from a security architecture perspective.
- External report
- View on VirusTotal