Skill v1.2.0

ClawScan security

Feishu Sheet · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 10:41 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (Feishu Sheets operations); it requires only Feishu app credentials read from a local config file and calls only Feishu Open API endpoints. Nothing in the files suggests unrelated or hidden behavior.
Guidance
This skill appears to do exactly what it claims: interact with Feishu Sheets through a local script, using the Feishu app credentials stored in ~/.openclaw/openclaw.json (or in the file named by OPENCLAW_CONFIG). Before installing:
1) Ensure you trust the skill source; the scripts are included in the package and are executable, so read them.
2) Create a dedicated Feishu app with minimal permissions (only sheets:spreadsheet) and use that app's appId/appSecret values.
3) Keep the config file protected; it contains the app secret.
4) Note that the skill reads local image files only when you invoke image commands, and that it caches tenant tokens in your temporary directory, so on a shared host make sure $TMPDIR points at a directory private to your account.
If you need higher assurance, inspect the full script (it is provided) or run the skill in an isolated environment or account.

Review Dimensions

Purpose & Capability
ok
Name/description (Feishu Sheets) align with the included script and SKILL.md. The skill asks for Feishu app credentials and uses Feishu Open API endpoints (open.feishu.cn) to create/read/write spreadsheets, images, styles, etc., which is appropriate for the stated functionality.
Instruction Scope
ok
SKILL.md instructs the agent to exec the included script to perform sheet operations and documents the required inputs. The runtime script reads credentials from ~/.openclaw/openclaw.json, and reads local image files only when image insertion commands are used. There are no instructions to read unrelated files, to touch system state beyond the token cache, or to post data to endpoints other than Feishu APIs.
Install Mechanism
ok
No install spec; the skill is instruction+script only. The script relies on standard tools (curl, python3, bash) that are declared as dependencies. No external downloads or archive extraction are performed by an installer.
Credentials
note
The skill legitimately needs channels.feishu.appId and channels.feishu.appSecret (stored in ~/.openclaw/openclaw.json) to call Feishu APIs. Minor inconsistency: the registry metadata lists no required env vars or primary credential, while SKILL.md clearly documents the required Feishu credentials in the config file. The script also honors the optional TMPDIR and OPENCLAW_CONFIG environment variables; both uses are reasonable and documented.
Persistence & Privilege
ok
always:false with normal autonomous-invocation settings. The script caches tenant tokens to a per-user file in $TMPDIR and makes no system-wide or cross-skill config modifications. It does not request persistent, global privileges or modify other skills.
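The Guidance steps above and the Credentials and Persistence & Privilege notes describe a concrete local layout: credentials under channels.feishu.appId and channels.feishu.appSecret in ~/.openclaw/openclaw.json (or the file named by OPENCLAW_CONFIG), and a tenant-token cache under $TMPDIR. The following Python is an added example, not the scanner's output and not the skill's own script, that turns those notes into a pre-install check a user can run. The function names (resolve_config_path, check_config, check_token_cache_dir) and the wording of the findings are assumptions; the config it writes in demo() is a constructed sample with placeholder values, not a real credential.

```python
"""Pre-install checks for the Feishu Sheet skill's credential file and token cache.

Added example: not the scanner's output or the skill's own script. It assumes only
what the review states: the skill reads channels.feishu.appId and
channels.feishu.appSecret from ~/.openclaw/openclaw.json (or the file named by
OPENCLAW_CONFIG) and caches tenant tokens under $TMPDIR. Function names and the
finding strings are hypothetical; the config written by demo() is constructed.
"""
import json
import os
import stat
import tempfile
from pathlib import Path
from typing import Optional


def resolve_config_path(env: Optional[dict] = None) -> Path:
    """Mirror the lookup order the review describes: OPENCLAW_CONFIG wins,
    otherwise ~/.openclaw/openclaw.json under the current user's home."""
    env = os.environ if env is None else env
    override = env.get("OPENCLAW_CONFIG")
    if override:
        return Path(override).expanduser()
    home = env.get("HOME") or str(Path.home())
    return Path(home) / ".openclaw" / "openclaw.json"


def check_config(path: Path) -> list:
    """Return findings for the credential file; an empty list means it passed."""
    if not path.is_file():
        return [f"config missing: {path}"]
    findings = []
    mode = stat.S_IMODE(path.stat().st_mode)
    # The file holds the app secret, so nobody but the owner should be able to read it.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"config readable by group/others (mode {mode:04o}); run chmod 600 {path}")
    try:
        data = json.loads(path.read_text())
    except json.JSONDecodeError as exc:
        return findings + [f"config is not valid JSON: {exc}"]
    channels = data.get("channels") if isinstance(data, dict) else None
    feishu = channels.get("feishu") if isinstance(channels, dict) else None
    feishu = feishu if isinstance(feishu, dict) else {}
    for key in ("appId", "appSecret"):
        if not feishu.get(key):
            findings.append(f"channels.feishu.{key} is missing or empty")
    return findings


def check_token_cache_dir(env: Optional[dict] = None) -> list:
    """The skill caches tenant tokens under $TMPDIR. Flag a world-writable directory
    without the sticky bit, and a directory owned by another account (typically a
    shared /tmp), because another user could pre-create the cache path there."""
    env = os.environ if env is None else env
    tmp = Path(env.get("TMPDIR") or tempfile.gettempdir())
    if not tmp.is_dir():
        return [f"TMPDIR does not exist: {tmp}"]
    st = tmp.stat()
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        findings.append(f"{tmp} is world-writable without the sticky bit")
    if st.st_uid != os.getuid():
        findings.append(f"{tmp} is not owned by the current user; point TMPDIR at a private directory")
    return findings


def demo() -> dict:
    """Constructed sample: write a config with placeholder values into a private
    temp dir and run the checks before and after tightening its mode."""
    workdir = Path(tempfile.mkdtemp(prefix="openclaw-check-"))  # mkdtemp creates mode 0700
    cfg = workdir / "openclaw.json"
    cfg.write_text(json.dumps({"channels": {"feishu": {"appId": "cli_example", "appSecret": "example-secret"}}}))
    cfg.chmod(0o644)  # what a default umask typically leaves behind
    loose = check_config(cfg)
    cfg.chmod(0o600)
    tight = check_config(cfg)
    partial = workdir / "partial.json"  # appSecret deliberately absent
    partial.write_text(json.dumps({"channels": {"feishu": {"appId": "cli_example"}}}))
    partial.chmod(0o600)
    return {
        "loose": loose,
        "tight": tight,
        "missing_secret": check_config(partial),
        "cache": check_token_cache_dir({"TMPDIR": str(workdir)}),
        "resolved": resolve_config_path({"OPENCLAW_CONFIG": str(cfg)}) == cfg,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Run it against the real file with `check_config(resolve_config_path())` and `check_token_cache_dir()` using the live environment; the directory check deliberately reports a shared /tmp as a finding, because the sticky bit prevents deletion of your cache file but not pre-creation of its path by another account.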