Tmp Feishu Skill
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent manual setup guide for connecting a Feishu bot to OpenClaw, with expected but sensitive steps involving bot credentials, local OpenClaw configuration, gateway restart, and persistent agent memory.
This skill appears safe as a manual setup guide if you intend to connect a Feishu bot to OpenClaw. Before using it, confirm the Windows paths match your machine, protect the Feishu App Secret, avoid storing secrets in MEMORY.md, and restart the OpenClaw gateway only when you are comfortable applying the new configuration.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who obtains the App Secret may be able to operate or configure the Feishu bot depending on granted permissions.
The skill asks the user to collect and later configure Feishu application credentials. This is expected for creating a Feishu bot, but the App Secret is sensitive account authority.
复制以下信息: - **App ID**(格式:`cli_xxxxxx`) - **App Secret**(点击「获取」按钮后复制) **请保存好这两个凭证,后续配置必须用到。**
Store the App Secret only in the intended OpenClaw/Feishu configuration or secret store, do not paste it into chats unnecessarily, and grant only the Feishu permissions required for message handling.
Information written into the memory file may persist across sessions and shape future agent behavior.
The guide creates a persistent memory directory and initializes MEMORY.md with sections for user information and preferences. This is aligned with agent setup, but it creates retained context that may influence future interactions.
New-Item -ItemType Directory -Force -Path "$base\memory" | Out-Null ... ## 用户信息 (待填写) ## 偏好习惯 (待填写)
Only store information you are comfortable retaining, periodically review MEMORY.md, and avoid putting secrets or unnecessary personal data in agent memory.
Restarting the gateway could temporarily interrupt existing OpenClaw integrations or agents.
The skill includes user-run OpenClaw CLI commands that inspect and restart the local gateway. This is appropriate for connecting a new bot, but it changes local service state.
openclaw gateway status openclaw gateway restart
Run the gateway restart only when you are ready to apply the configuration, and verify existing agents or channels after restarting.