Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
feishu-doc-sender
v1.0.0
Send Word (.docx) and PDF documents to Feishu/Lark users and groups. Automatically detects document files in workspace and delivers them with proper formatti...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The manifest and SKILL.md state that the skill will send .docx/.pdf files to Feishu/Lark users/groups, but the repository contains only a local finder script (find_docs.py) that lists files in a workspace; there is no code, instructions, or required environment variables to authenticate with or call Feishu/Lark APIs. Additionally, README references scripts/find_docs.py (a different path) and SKILL.md mentions /workspace/ while find_docs.py defaults to OPENCLAW_WORKSPACE (/root/.openclaw/workspace) — these inconsistencies further reduce trust that the package implements its claimed sending capability.
Instruction Scope
SKILL.md instructs scanning the workspace and confirming before sending, but does not provide any concrete sending steps or external endpoints. The included script only reads files in the workspace (using OPENCLAW_WORKSPACE if set) and prints or JSON-outputs matches; it does not contact external services or exfiltrate data. However, SKILL.md's high-level language ('确认后发送', "send after confirmation"; '一键发送', "one-click send") gives a user the expectation of automated delivery that the package does not implement.
Install Mechanism
Instruction-only skill with a small Python utility; there is no install spec or remote downloads. Nothing is written to disk by an installer and there are no suspicious download URLs or packaged binaries.
Credentials
No Feishu/Lark credentials or API environment variables are declared or required despite the skill's claimed ability to send messages (expected vars like APP_ID, APP_SECRET, BOT_TOKEN, or WEBHOOK are absent). The script does use an environment variable OPENCLAW_WORKSPACE (not documented in SKILL.md) which is plausible but not called out. The absence of any credential handling is disproportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled, does not request persistent/system-wide changes, and contains no code that modifies other skills or global agent config. Autonomous invocation is allowed by default but that is normal and not by itself a red flag here.
What to consider before installing
This package is primarily a local file-discovery helper, not a complete Feishu/Lark sender. Before installing or enabling it:
1) Don't assume it will upload or send files — the code only finds and lists files.
2) If you want automatic sending, request a skill that explicitly shows Feishu API calls and documents required credentials (app id/secret or bot token) and where to set them.
3) Note the workspace path mismatch — the script defaults to OPENCLAW_WORKSPACE (/root/.openclaw/workspace) while SKILL.md mentions /workspace/ and README references scripts/find_docs.py; verify which path will be scanned and that sensitive files won't be exposed.
4) Test the script in a safe sandbox workspace first.
5) If the intent is automated delivery, insist the author add explicit, auditable sending code (with secure credential handling) or explain how it integrates with another skill that performs the send.
Like a lobster shell, security has layers — review code before you run it.
