Skill v1.0.0

ClawScan security

Feishu Webhook Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 9, 2026, 8:43 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill appears to do exactly what it claims — send Feishu/Lark webhook messages and upload images using a tenant_access_token — with no signs of unrelated or covert behavior, though there are small metadata/dependency omissions you should be aware of.
Guidance
This skill is internally consistent with its stated purpose: it sends Feishu/Lark webhook messages and uploads images to the official open.feishu.cn API. Before installing or using it, confirm the following:

1. You will need to provide a FEISHU_TENANT_ACCESS_TOKEN (or pass it to the upload script via --token) and a valid Feishu webhook URL. Do not share these tokens publicly.
2. The package metadata does not declare Python dependencies; make sure requests and requests_toolbelt are installed in the environment before running scripts/upload_image.py.
3. The skill posts only to open.feishu.cn (the official API). If you require stricter scope, prefer a token with minimal privileges, or use a bot/webhook token scoped to the target chat.
4. The registry metadata omits the required env var information; ask the publisher to update the metadata to list required env vars and dependencies.

If you need the skill to run autonomously, consider the usual operational risk of granting any skill access to a tenant-wide token, and rotate the token if it is ever shared or no longer needed.

Review Dimensions

Purpose & Capability
ok · Name/description match the actual files and instructions: SKILL.md documents sending text/post/card webhook messages and image upload; scripts/upload_image.py implements uploading images to open.feishu.cn using a tenant_access_token. No unrelated credentials, binaries, or endpoints are requested.
Instruction Scope
ok · Runtime instructions stay on-purpose: they ask the agent to confirm a webhook URL, construct message JSON, optionally upload images (via the included script), send via the Feishu webhook, and verify results. SKILL.md does not instruct reading unrelated files or exfiltrating data to third-party endpoints.
Install Mechanism
note · This is instruction-only (no install spec), so nothing is automatically downloaded. However, the included Python script uses external packages (requests, requests_toolbelt) while the skill metadata declares neither dependencies nor an install step; this is an operational omission rather than a malicious action. Ensure those Python packages are available before using the script.
Credentials
note · SKILL.md requires FEISHU_TENANT_ACCESS_TOKEN (used by upload_image.py) and the user's Feishu webhook URL; both are appropriate for the stated purpose. Registry metadata, however, lists no required env vars; that mismatch is an inconsistency you should note. No other secrets or unrelated env vars are requested.
Persistence & Privilege
ok · The skill does not request persistent/always-on presence, does not modify other skills or system settings, and does not request elevated privileges. Autonomous invocation remains enabled by default (normal behavior).
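The webhook flow the Guidance and Instruction Scope sections describe (confirm the webhook URL, build the message JSON, optionally upload an image, send, verify the reply), as an added example that is not the skill's own scripts/upload_image.py or any code from this page. It adds the check a reviewer would want before running such a skill autonomously: the webhook host is compared against an allow-list containing only open.feishu.cn before anything is sent, and the token comes from --token or FEISHU_TENANT_ACCESS_TOKEN rather than a literal. The custom-bot webhook path, the shape of the /open-apis/im/v1/images upload endpoint and the "code": 0 success convention are assumptions drawn from Feishu's public API, not facts stated on this page; the hand-built multipart body stands in for requests_toolbelt so the block needs only the standard library.

```python
# Added example (not the skill's code). Assumed, not from the page: webhook path
# /open-apis/bot/v2/hook/<id>, upload endpoint POST /open-apis/im/v1/images
# (multipart image_type=message + image, Bearer tenant_access_token, image_key
# in the reply) and "code": 0 meaning success. Multipart is hand-built with the
# standard library instead of requests_toolbelt so this has no dependencies.
import json
import os
import uuid
import urllib.request
from urllib.parse import urlparse

ALLOWED_HOSTS = frozenset({"open.feishu.cn"})   # the only host the skill may contact
WEBHOOK_PREFIX = "/open-apis/bot/v2/hook/"
IMAGE_UPLOAD_URL = "https://open.feishu.cn/open-apis/im/v1/images"

def webhook_problem(url, allowed_hosts=ALLOWED_HOSTS):
    """Why a webhook URL is unacceptable, or None. urlparse().hostname drops
    userinfo, so https://open.feishu.cn@evil.example/... is rejected too."""
    u = urlparse(url)
    if u.scheme != "https":
        return "webhook URL must use https"
    if u.hostname not in allowed_hosts:
        return "host %r is not allow-listed" % u.hostname
    if not u.path.startswith(WEBHOOK_PREFIX):
        return "path is not a Feishu custom-bot webhook"
    return None

def load_token(cli_token=None, env=os.environ):
    """--token wins, then FEISHU_TENANT_ACCESS_TOKEN; never hard-code it."""
    token = cli_token or env.get("FEISHU_TENANT_ACCESS_TOKEN")
    if not token:
        raise RuntimeError("set FEISHU_TENANT_ACCESS_TOKEN or pass --token")
    return token

def text_message(text):
    return {"msg_type": "text", "content": {"text": text}}

def image_message(image_key):
    return {"msg_type": "image", "content": {"image_key": image_key}}

def multipart_body(fields, file_field, filename, data, content_type="image/png"):
    """multipart/form-data body, as requests_toolbelt's MultipartEncoder would build."""
    boundary = uuid.uuid4().hex
    out = []
    for name, value in fields.items():
        out.append(("--%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n%s\r\n"
                    % (boundary, name, value)).encode())
    out.append(("--%s\r\nContent-Disposition: form-data; name=\"%s\"; filename=\"%s\"\r\n"
                "Content-Type: %s\r\n\r\n" % (boundary, file_field, filename, content_type)).encode())
    out.append(data + b"\r\n--" + boundary.encode() + b"--\r\n")
    return b"".join(out), "multipart/form-data; boundary=" + boundary

def http_post(url, body, headers):
    """Real transport; demo() and tests swap in a recording fake."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.loads(resp.read().decode())

def upload_image(token, filename, data, post=http_post):
    body, ctype = multipart_body({"image_type": "message"}, "image", filename, data)
    resp = post(IMAGE_UPLOAD_URL, body,
                {"Authorization": "Bearer " + token, "Content-Type": ctype})
    if resp.get("code") != 0:
        raise RuntimeError("image upload failed: %r" % (resp,))
    return resp["data"]["image_key"]

def send_webhook(webhook_url, message, post=http_post):
    """Refuse any host but the allow-listed one, then verify the reply."""
    problem = webhook_problem(webhook_url)
    if problem:
        raise ValueError(problem)
    resp = post(webhook_url, json.dumps(message).encode(),
                {"Content-Type": "application/json"})
    if resp.get("code") != 0:
        raise RuntimeError("webhook rejected message: %r" % (resp,))
    return resp

def demo():
    """Whole flow offline against a recording fake transport; token, webhook id
    and PNG bytes are constructed placeholders. Returns the (url, body, headers) calls."""
    calls = []
    def fake_post(url, body, headers):
        calls.append((url, body, headers))
        data = {"image_key": "img_v2_demo"} if url == IMAGE_UPLOAD_URL else {}
        return {"code": 0, "msg": "success", "data": data}
    token = load_token(None, {"FEISHU_TENANT_ACCESS_TOKEN": "t-constructed"})
    hook = "https://open.feishu.cn/open-apis/bot/v2/hook/0123456789abcdef"
    key = upload_image(token, "chart.png", b"\x89PNG\r\n\x1a\n", post=fake_post)
    send_webhook(hook, text_message("build finished"), post=fake_post)
    send_webhook(hook, image_message(key), post=fake_post)
    return calls
```

The allow-list check is deliberately done on the parsed hostname rather than with a substring match on the URL, so look-alike hosts such as open.feishu.cn.evil.example and userinfo tricks like open.feishu.cn@evil.example are refused. With the default http_post transport the same functions send real requests; demo() never touches the network, which is the shape a reviewer can run in CI against a skill before granting it a tenant-wide token.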