Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
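Feishu Image Sending
v1.0.0
Sends images directly through the Feishu Open Platform API (bypassing the limitations of the OpenClaw plugin) rather than as file attachments. Use case: when you need to send images such as screenshots or QR codes to a user.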
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name and description (send images via Feishu Open Platform) align with the runtime instructions (obtain tenant token, upload image, send image message). However, the SKILL.md demonstrates use of an APP_ID and APP_SECRET while the registry metadata declares no required environment variables or primary credential; that's an inconsistency between what the skill needs and what it advertises.
Instruction Scope
The instructions are narrowly scoped to obtaining a tenant_access_token, uploading a local image file, and sending it via Feishu APIs, which is expected. They do instruct reading a local file (image path) and transmitting it to Feishu servers, which is necessary for the task. However, the examples show hard-coded credentials in the script, which broadens the security surface and risks accidental secret disclosure.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That is the lowest-risk install model and is coherent with its purpose.
Credentials
The SKILL.md requires app_id and app_secret to obtain tokens, but the skill declares no required env vars or primary credential. Additionally, the SKILL.md contains a concrete APP_ID and APP_SECRET example embedded in plaintext — if those are real, they represent credential leakage; even if placeholders, embedding credentials in examples is a risky practice. The skill should explicitly declare required credentials and recommend secure handling (env vars, secret store).
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or system configs. Model invocation is allowed (normal). No elevated persistence or cross-skill configuration changes are present.
What to consider before installing
This skill does what it says (uploads a local image and sends it via Feishu APIs), but it has an important inconsistency: the documentation uses app_id/app_secret, yet the skill metadata doesn't declare any required credentials. Also, SKILL.md includes an APP_ID and APP_SECRET in plaintext; verify whether those values are real before using the skill. Before installing:
(1) ask the author to declare required credentials (e.g., APP_ID/APP_SECRET) in the metadata and remove any embedded secrets from examples;
(2) if you test, use throwaway Feishu app credentials and rotate them afterwards;
(3) provide credentials via environment variables or a secret manager rather than embedding them in scripts;
(4) be aware the agent reads a local file (image) and uploads it to Feishu servers, and do not use with sensitive images unless you trust the destination and credentials;
(5) if you find the included APP_ID/APP_SECRET are valid, treat them as leaked and rotate them immediately.
Like a lobster shell, security has layers: review code before you run it.
