飞书连接问题解决方案
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is mostly coherent, but it asks you to grant broad Feishu message, calendar, and task permissions that may exceed the stated troubleshooting need.
Use this as a troubleshooting checklist, but do not blindly import all listed Feishu scopes. Review each permission, remove unneeded calendar/task or broad message permissions, test in a limited app or workspace first, and publish only after an admin confirms the scope is necessary.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Approving these scopes could let the Feishu app access or modify sensitive workspace data beyond simply fixing bot replies.
The skill tells users to grant broad Feishu tenant/user permissions, including message access, bot sending, employee ID reading, and calendar/task read-write access. These are disclosed, but the guide does not clearly justify or scope all of them for connection troubleshooting.
"tenant": ["application:bot.menu:write", "contact:user.employee_id:readonly", "im:message", "im:message:readonly", "im:message:send_as_bot", "calendar:calendar", "task:task:write", "task:task:read"]
Import only the minimum scopes required for the specific feature you are enabling, avoid calendar/task write scopes unless needed, and have a Feishu admin review the permissions before publishing.
Feishu messages that trigger the bot may flow through the OpenClaw gateway once this is configured.
The skill instructs users to route Feishu message-receive events through a long-connection setup to the OpenClaw gateway. This is purpose-aligned, but it means message event data will be continuously delivered to that integration.
订阅方式:「使用长连接接收事件」;添加事件:`im.message.receive_v1`
Confirm the gateway endpoint, access controls, and logging/retention behavior before enabling message event subscriptions.