suspicious.env_credential_access
- Location: calendar-client.js:8
- Finding: Environment variable access combined with network send.
Advisory
Audited by Static analysis on May 10, 2026.
Detected: suspicious.env_credential_access
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If granted, the skill can affect real Feishu calendar data, including enterprise calendars if the app has those permissions.
The skill requires Feishu app credentials and permissions that can read and mutate calendar data, including deleting events. This matches the stated calendar-management purpose but is high-impact account authority.
Enable the following permissions: ... calendar:calendar.event:create ... calendar:calendar.event:update ... calendar:calendar.event:delete ... Obtain credentials ... App ID ... App Secret
Grant only the Feishu permissions you actually need, keep the App Secret out of source files, and require user confirmation before creating, updating, or deleting events.
A mistaken or over-broad agent action could create, modify, or delete the wrong calendar event.
The skill documents raw Feishu API operations for calendar mutations. These are expected for a calendar management skill, but write/delete API calls can have user-visible effects if invoked on the wrong event.
Create event POST ... Update event PATCH ... Delete event DELETE
Use explicit calendar IDs, event IDs, and date ranges, and ask the user to confirm any update or delete operation.
A user relying only on registry metadata might not realize the skill needs Feishu credentials and network access to the Feishu API.
The registry metadata does not reflect the Feishu credentials and web_fetch usage documented in SKILL.md/package.json. The credential use is disclosed in the files, but the registry-level contract is incomplete.
Required env vars: none ... Primary credential: none ... Capability signals: No capability tags were derived.
Review SKILL.md and package.json before installing, and update registry metadata to declare FEISHU_APP_ID, FEISHU_APP_SECRET, and Feishu API/web_fetch usage.