Pywayne Lark Bot
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a normal Lark bot helper, but it requires bot credentials and can send, receive, and transfer organization messages and files, so it should be used with scoped credentials and care.
Use this skill only if you intend to connect an agent to Feishu/Lark. Verify the pywayne package source, use a dedicated least-privilege bot app, keep app_secret out of prompts and shared files, confirm recipients and file paths before sending or downloading, and treat incoming Lark messages as untrusted content.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bot app secret could allow actions in the associated Feishu/Lark workspace, such as messaging or querying allowed resources.
The skill expects Lark application credentials even though the registry metadata lists no primary credential; this is normal for a bot integration but gives the skill whatever Lark permissions that app has.
bot = LarkBot(app_id="your_app_id", app_secret="your_app_secret")
Use a dedicated, least-privilege Lark bot app; store the secret securely; and declare the credential requirement clearly before installation.
Mistaken use could send messages or files to the wrong person or group, or query workspace data beyond what the user intended.
The skill documents broad Lark bot operations that can post to chats, send files, share users/chats, and query workspace information; these actions fit the stated purpose but can affect real users and groups.
send messages (text, image, audio, file, post, interactive, share) ... manage files (upload/download); query user/group info
Confirm recipient IDs, message contents, and file selections before sending or uploading, especially for group chats or shared resources.
Incoming messages may contain sensitive data or untrusted instructions that should not automatically control the agent.
The skill includes a real-time Lark message listener, meaning incoming chat content and sender metadata can enter the agent workflow from external users.
LarkBotListener - message listener ... used to receive and process messages in real time
Treat received messages as untrusted input, limit which chats/users the bot listens to, and avoid logging or reusing sensitive message content unnecessarily.
If a user installs or runs an external pywayne package, that package may handle Lark credentials, messages, and files.
The artifact set does not include runnable code or a provenance link for the referenced bot wrapper, so users cannot verify implementation details from these artifacts alone.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; No code files present
Install the referenced library only from a trusted, pinned source and review its handling of credentials and file transfers before using production bot secrets.
