Skill v1.0.0

ClawScan security

Feishu Master · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 6:43 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill implements a Feishu (Lark) API integration and the included scripts, docs, and runtime instructions are consistent with that purpose; it requires local Feishu app credentials stored in scripts/env/app.json but otherwise has no unexpected capabilities.
Guidance
This skill appears to do what it says: call Feishu APIs using local scripts. Before installing, do the following: (1) Inspect and keep the credentials file scripts/env/app.json private — do not commit it to source control. (2) Provide only a Feishu test app's app_id/app_secret if you want to limit blast radius. (3) Confirm you are comfortable allowing the agent to run the provided Python scripts (they call only Feishu endpoints and use subprocess to run get_token.py). (4) Ensure the requests library is installed in the runtime environment. (5) If you need the registry to document required secrets, consider requesting the publisher add a note that app.json (app_id/app_secret) is required. If you want stronger isolation, run these scripts in a constrained environment or with a test Feishu application.

Review Dimensions

Purpose & Capability
note: The skill's name, description, SKILL.md and code all target Feishu APIs (token fetch, group member listing). One minor metadata mismatch: the registry lists no required credentials/environment variables, but the runtime requires a local config file (scripts/env/app.json) containing app_id and app_secret. Functionality requested by the skill (calling Feishu endpoints) matches its purpose.
Instruction Scope
ok: SKILL.md explicitly instructs the agent to read scripts/script_index.json and scripts/env/app.json, to call get_token.py, and to implement/execute Python scripts that call Feishu endpoints. The instructions do not ask the agent to read unrelated system files or exfiltrate data to unexpected endpoints; all network calls target Feishu API endpoints and documentation references. The guidance to use Context7 to fetch documentation is a documentation/search step, not an exfiltration path.
Install Mechanism
ok: This is essentially an instruction+script package with no installer or remote download. Dependencies are limited to the requests Python library (requirements.txt). There is no archive download or third-party install URL, so install risk is low.
Credentials
note: The skill requires Feishu app credentials (app_id and app_secret) stored in scripts/env/app.json and manages a local token cache (token_cache.json). That is proportionate for a Feishu integration. Note: the registry metadata did not declare these credentials; instead the skill uses a local config file rather than environment variables. Users should be aware credentials will be written to and read from the skill's scripts/env directory.
Persistence & Privilege
ok: The skill does not request 'always: true' or any elevated platform privileges and does not modify other skills or system-wide agent settings. It runs standalone scripts and caches tokens in its own env/token_cache.json; this is limited in scope.