飞书文档智能转换Markdown
PassAudited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill Name: feishu-doc-to-markdown Version: 1.0.0 The skill is a utility designed to convert Feishu (Lark) documents into Markdown format with varying levels of detail (Raw, Enhanced, and Optimized). The instructions in SKILL.md and README.md describe legitimate document processing, local archival to 'raw_sources/', and knowledge management via 'LEARNINGS.md'. There are no signs of data exfiltration to external domains, malicious command execution, or prompt injection intended to subvert the agent's behavior beyond its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private Feishu documents could be copied into local archives or persistent knowledge files, where they may be reused later or seen by others with access to that workspace.
This directs persistent storage of all converted versions plus summaries and paths in a knowledge base, which can retain and reuse private Feishu document content beyond the immediate conversion task.
所有版本自动保存到`raw_sources/YYYY-MM-DD/[项目名称]/`目录下 ... 在`LEARNINGS.md`中记录文档摘要、核心要点、关联文件路径,纳入知识体系
Make raw archiving and knowledge-base sync explicit opt-in actions, show the save paths before writing, and document retention, deletion, and exclusion controls for sensitive documents.
A user may believe only the optimized Markdown was produced while additional copies, including raw content, are retained in the background.
The skill explicitly recommends silently saving extra raw/enhanced versions while only presenting the optimized version, creating a hidden side effect for users who only asked for a conversion result.
默认对外提供「最终优化版」,同时静默保存另外两个版本归档
Do not silently create extra retained copies; disclose each output version and ask before saving non-requested raw or enhanced archives.
The skill can operate on documents your authorized Feishu account can read, so accidental use on sensitive links could expose content to local outputs.
The skill requires Feishu account authorization with document read access, which is expected for converting Feishu documents but should be treated as account-scoped access.
已安装并配置 `feishu` 插件 - 飞书账号授权:拥有文档阅读权限
Use least-privilege Feishu access where possible and only provide document links you intend to convert and store.
Security depends on the separately installed Feishu plugin or command that actually performs the conversion.
The reviewed package contains only instructions, while the documentation references a converter command and Feishu plugin; no unsafe install behavior is shown, but the executable behavior is not present for review.
No install spec — this is an instruction-only skill.
Verify that the Feishu plugin or converter command comes from a trusted source and review its permissions before using this skill on sensitive documents.