Skill v1.0.0
ClawScan security
Feishu File Send · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 2:21 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and scope align with its stated purpose (sending files to Feishu); it is instruction-only, requests no credentials, and does not install or persist code.
- Guidance: This skill appears to be what it claims: an instruction-only helper for sending local files to Feishu using the agent's message(...) tool. Before installing, ensure your agent's message tool already has valid Feishu authorization (im:message, drive:file) so sends will succeed. Be aware that example snippets run local Python subprocesses and reference a specific filesystem path (/Users/wangbotao/.openclaw/workspace); adapt paths to your environment and avoid running unreviewed shell/python commands you don't understand. Because the skill requests no credentials or installs, the technical risk is low, but always confirm the agent only sends files you intend and that workspace files do not contain sensitive secrets.
- Findings: [no-regex-findings] expected: Regex scanner had nothing to analyze because this is an instruction-only skill with no code files; that is expected for such skills.
Review Dimensions
- Purpose & Capability: ok. Name and description (send files to Feishu) match the runtime instructions: all examples show calling the platform's message(...) helper with channel="feishu" and a local file path. There are no unrelated dependencies, credentials, or install steps requested.
- Instruction Scope: ok. SKILL.md confines actions to creating or selecting files in the user's workspace and invoking message(action="send", channel="feishu", media=...). Example snippets show writing a PDF via a local Python subprocess and then sending it. While the examples include a hard-coded user path (/Users/wangbotao/...) and use subprocess.run (which runs local code), those are example usages to create local files and are coherent with the skill's purpose; the instructions do not ask for unrelated files, environment variables, or external endpoints.
- Install Mechanism: ok. No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by the skill itself, so install risk is minimal.
- Credentials: ok. The skill declares no required environment variables, credentials, or config paths. It references Feishu permissions (im:message, drive:file) as expected for sending files, but does not request any secrets. This is proportionate to the stated functionality.
- Persistence & Privilege: ok. Flags are default (always:false, user-invocable:true, model invocation enabled) and the skill does not request persistent presence or modify other skills or system settings.
