Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

feishu-quick-setup

v1.0.2

One-click Feishu bot creation. Uses the Feishu App Registration API (Device Flow) to create a new Feishu Bot and save credentials to the OpenClaw config file...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill name, description, SKILL.md, and included JS/MJS scripts all align: they start a device-flow registration with Feishu/Lark, poll for completion, and save appId/appSecret to the OpenClaw config. Minor incoherence: SKILL.md and scripts require running 'node' but the registry metadata declares no required binaries. The missing 'node' declaration is an oversight but not evidence of malicious intent.
Instruction Scope
SKILL.md explicitly instructs the agent to run the provided node scripts step-by-step and to display the verificationUrl exactly as returned. The instructions do not ask the agent to read unrelated files or exfiltrate arbitrary data. The scripts do read/write only the OpenClaw config and a local .pending.json file (documented in code), which is consistent with the skill's purpose.
Install Mechanism
There is no external install spec or remote download; all code is bundled with the skill (JS/MJS). That keeps install risk low. The scripts will be executed locally; no archives or external binaries are fetched by the skill itself.
Credentials
The skill requests no environment variables or external credentials, which is appropriate. It does write sensitive secrets (appSecret) into the user's OpenClaw config (~/.openclaw/openclaw.json) in cleartext — this is expected for its function but is a sensitive action users should be aware of. The code also writes a .pending.json file next to the scripts to persist device_code state.
Persistence & Privilege
The skill is not always-enabled and does not request elevated system-wide privileges. It modifies only the OpenClaw config (its intended target) and creates a local pending file; it does not alter other skills or global agent settings.
Assessment
This skill appears to do what it claims: run local node scripts that talk to Feishu/Lark and store the created appId/appSecret in ~/.openclaw/openclaw.json. Before installing or running it:
1) Ensure you have a recent Node runtime available (SKILL.md uses 'node' but the registry metadata didn't list it).
2) Inspect the bundled scripts (they are included) and confirm you trust them; they only call accounts.feishu.cn / accounts.larksuite.com and write to your OpenClaw config and a .pending.json file.
3) Back up your existing ~/.openclaw/openclaw.json (the script makes a .bak for existing files but you may want your own backup).
4) Remember appSecret is stored in cleartext in openclaw.json; consider filesystem permissions and whether that's acceptable.
5) If you plan to let an autonomous agent invoke this skill, be aware it will execute the bundled node scripts with whatever filesystem/network permissions the agent process has.
If any of these items concern you, run the scripts manually instead of allowing the agent to run them autonomously.
Static analysis findings:
quick-setup.js:93: File read combined with network send (possible exfiltration).
quick-setup.mjs:95: File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
