FeiShu Robot @ Protocol
Review
Audited by ClawScan on May 10, 2026.
Overview
This is not clearly malicious, but it uses Feishu user-identity messaging and a text-marker protocol that could let bot identities be spoofed if not carefully controlled.
Review this skill before installing if your Feishu groups include sensitive workflows. It should be limited to trusted chats, and receiving bots should verify actual Feishu sender IDs instead of trusting only the visible 【sender->receiver】 marker.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A group participant or another bot could potentially craft similarly formatted messages and make a receiving bot treat the message as coming from a different sender.
The protocol derives inter-bot sender identity from visible chat markers and message context. The artifact does not show authentication, signature checks, or verification that the actual Feishu sender/open_id is an approved bot or user.
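When a mention event is received... parse the first message the quote points to and get the sender inside 【】 ... If there is none: trace back upward and find the most recent message that satisfies: - matches the format 【sender->receiver】 or 【sender->receiver1,receiver2...】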
Require verification against Feishu sender IDs, bot allowlists, referenced message IDs, and preferably signed/nonced protocol metadata before treating the bracketed sender field as authoritative.
Messages may be sent into Feishu chats using a user identity rather than only a bot identity.
The skill explicitly uses a user-identity Feishu messaging tool to post messages that trigger mentions. This is central to the stated purpose, but it uses delegated user/account authority.
Step 2: send using the user identity (feishu_im_user_message send)... trigger the mention event
Install only if you are comfortable with the agent using the relevant Feishu user messaging capability, and limit it to approved chats and recipients.
Feishu group member identifiers and limited recent message context may be read and stored locally for future use.
The skill maintains a persistent local mapping of Feishu usernames/open_ids and can refresh it from recent chat history. This is purpose-aligned and scoped, but it stores and reuses identity data across interactions.
File location: `~/.openclaw/workspace/feishu-user-map.md` ... | Username | User ID (open_id) | Type | Updated at | ... const messages = await feishu_im_user_get_messages({ chat_id: chatId, page_size: 50 });
Review the mapping file periodically, restrict file access, and define retention/cleanup expectations for stored Feishu user IDs.
