feishu-im
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Feishu IM automation skill, but it gives the agent broad authority to send messages and modify chats without clearly scoped approval controls.
Use this only with a dedicated, least-privilege Feishu bot/app token. Before installing or enabling it, decide which chats and operations are allowed, require human confirmation for any send, batch send, urgent notice, member change, or chat configuration change, and test in a small group first.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent action could send unwanted messages to many Feishu groups.
The skill documents a bulk messaging API that can send to many chats at once. The artifact gives a suggested batch size, but it does not require confirmation of recipients, content, or organizational impact before use.
Batch-send group messages ... POST /open-apis/im/v1/messages/batch_send ... recommended to keep a single call to 200 groups or fewer
Require explicit human confirmation for message content and recipient lists, especially for batch, system, urgent, or group-wide messages.
The agent could change Feishu group membership or configuration in ways that disrupt teams or expose information to unintended users.
The skill documents multiple mutating chat-management APIs, including adding members and changing announcements or chat UI features, without defining approval or rollback steps.
Add members to a chat ... POST /open-apis/im/v1/chats/:chat_id/members ... Update the chat announcement ... PATCH /open-apis/im/v1/chats/:chat_id/announcement ... Manage chat tabs (Tab)
Use a confirmation workflow for membership and configuration changes, restrict allowed chat IDs, and keep audit logs for all write actions.
If the token is too powerful or mishandled, the agent could act broadly inside the Feishu tenant.
The skill depends on a tenant-level Feishu bearer token and broad IM write scopes. The supplied registry requirements list no primary credential or environment variable, so token source, storage, and least-privilege boundaries are under-specified.
Authentication method | `Authorization: Bearer {tenant_access_token}` ... required_permissions: ... im:message ... im:chat.members:write_only ... im:chat.tabs:write_only ... im:app_feed_card:write ... im:datasync.feed_card.time_sensitive:write
Declare the credential contract, use a dedicated least-privilege Feishu app/bot, restrict visible users and chats, and avoid exposing the token in prompts or logs.
Incorrect content could be amplified across teams before a human notices.
The skill contemplates bulk and real-time dissemination into Feishu. This is purpose-aligned, but a bad input or generated summary could quickly propagate to many chats or feeds.
Keep batch sends to 200 groups per call ... push external CRM or code-repository activity to the Feishu Feed in real time
Use previews, small test groups, rate limits, and manual approval before enabling broad or real-time feed pushes.
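The four recommendations above (confirm recipients and content, allowlist chat IDs and keep an audit log, never let the tenant token leak into logs, cap batch size) can be enforced at one choke point: a policy gate that every Feishu write call passes through before any HTTP request is made. The following is an added example written for this review; it is not code from the skill, from ClawScan, or from Feishu. The endpoint paths are the ones quoted in the findings; the allowlist, the confirmation callback, the `oc_*` sample chat IDs and the way callers pass target chat IDs are assumptions for the example, and the batch cap reuses the skill's own "200 groups per call" figure as a hard limit.

```python
"""Policy gate in front of Feishu IM write calls (illustrative, not the skill's code)."""
import re
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional

# Mutating endpoints quoted in the findings. Path templates use Feishu's
# ":chat_id" placeholder. Any write that is not listed here is denied (default deny).
WRITE_ENDPOINTS = {
    ("POST", "/open-apis/im/v1/messages/batch_send"): "batch_send",
    ("POST", "/open-apis/im/v1/chats/:chat_id/members"): "add_members",
    ("PATCH", "/open-apis/im/v1/chats/:chat_id/announcement"): "update_announcement",
}

# The skill *suggests* 200 groups per batch call; the gate enforces it as a ceiling.
MAX_BATCH_CHATS = 200

# Every listed write needs a human "yes" before the request goes out.
CONFIRM_REQUIRED = {"batch_send", "add_members", "update_announcement"}


def _compile_template(template: str) -> re.Pattern:
    """Turn '/chats/:chat_id/members' into a regex that captures chat_id."""
    parts = []
    for seg in template.strip("/").split("/"):
        parts.append(f"(?P<{seg[1:]}>[^/]+)" if seg.startswith(":") else re.escape(seg))
    return re.compile("^/" + "/".join(parts) + "/?$")


def redact_headers(headers: Dict[str, str]) -> Dict[str, str]:
    """Copy of the request headers with the bearer token removed, for audit records."""
    return {k: ("<redacted>" if k.lower() == "authorization" else v) for k, v in headers.items()}


@dataclass
class Decision:
    allowed: bool
    reason: str
    action: Optional[str] = None


class FeishuWriteGate:
    def __init__(self, allowed_chat_ids: Iterable[str],
                 confirm: Callable[[str, List[str], dict], bool],
                 max_batch: int = MAX_BATCH_CHATS):
        self.allowed_chat_ids = set(allowed_chat_ids)   # the only chats this bot may touch
        self.confirm = confirm                          # human approval hook (assumed interface)
        self.max_batch = max_batch
        self.audit_log: List[dict] = []
        self._routes = [(m, _compile_template(p), a) for (m, p), a in WRITE_ENDPOINTS.items()]

    def _classify(self, method: str, path: str):
        for m, rx, action in self._routes:
            match = rx.match(path) if m == method.upper() else None
            if match:
                return action, match.groupdict().get("chat_id")
        return None, None

    def _decide(self, action: Optional[str], targets: List[str], body: dict) -> Decision:
        if action is None:
            return Decision(False, "endpoint not in the write allowlist")
        if not targets:
            return Decision(False, "no target chat specified", action)
        if action == "batch_send" and len(targets) > self.max_batch:
            return Decision(False, f"{len(targets)} chats exceeds cap of {self.max_batch}", action)
        unknown = sorted(set(targets) - self.allowed_chat_ids)
        if unknown:
            return Decision(False, f"chat(s) outside the allowlist: {unknown}", action)
        if action in CONFIRM_REQUIRED and not self.confirm(action, targets, body):
            return Decision(False, "human reviewer declined", action)
        return Decision(True, "approved", action)

    def check(self, method: str, path: str, headers: Dict[str, str],
              chat_ids: Iterable[str] = (), body: Optional[dict] = None) -> Decision:
        """Decide whether the skill may issue this write; record the outcome either way.

        chat_ids: targets the caller intends to hit (how the skill maps them onto the
        Feishu request body is outside this example). A chat_id in the path is added too.
        """
        action, path_chat = self._classify(method, path)
        targets = list(dict.fromkeys(list(chat_ids) + ([path_chat] if path_chat else [])))
        decision = self._decide(action, targets, body or {})
        self.audit_log.append({
            "method": method.upper(), "path": path, "action": action,
            "chat_ids": targets, "allowed": decision.allowed, "reason": decision.reason,
            "headers": redact_headers(headers),   # token never reaches the log
        })
        return decision


if __name__ == "__main__":
    # Constructed sample: a bot scoped to two chats, with an approver that prints and accepts.
    def ask_human(action, targets, body):
        print(f"approve {action} to {len(targets)} chat(s)? content={body!r}")
        return True

    gate = FeishuWriteGate(["oc_team_a", "oc_team_b"], ask_human)
    hdrs = {"Authorization": "Bearer t-example-token", "Content-Type": "application/json"}
    print(gate.check("PATCH", "/open-apis/im/v1/chats/oc_team_a/announcement", hdrs,
                     body={"text": "release at 18:00"}))
    print(gate.check("POST", "/open-apis/im/v1/chats/oc_unknown/members", hdrs))
    print(gate.audit_log[-1]["headers"])
```

The gate checks in order of cost and blast radius: endpoint allowlist, target presence, batch cap, chat allowlist, then the human prompt, so a reviewer is only asked about requests that are already within policy. Because `check` records a redacted audit entry for denied requests as well as approved ones, the log also shows what the agent tried to do, which is what you want when triaging a misbehaving prompt.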
