ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

飞书+Agent企业方案

v1.0.0

提供飞书文档、知识库、多维表格、日历和任务的企业级自动化管理解决方案。

0· 80·0 current·0 all-time
by@wukai8289

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for wukai8289/lark-enterprise-agent.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "飞书+Agent企业方案" (wukai8289/lark-enterprise-agent) from ClawHub.
Skill page: https://clawhub.ai/wukai8289/lark-enterprise-agent
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install lark-enterprise-agent

ClawHub CLI

Package manager switcher

npx clawhub@latest install lark-enterprise-agent
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's description and SKILL.md state it will read/write Feishu documents, bitables, wiki, calendar and tasks — all of which normally require API credentials (app id/secret or OAuth tokens). However, the package declares no required environment variables, no primary credential, and the SKILL.md contains only high-level marketing/trigger text with no authentication or API usage details. That omission is disproportionate to the claimed capabilities.
Instruction Scope
The SKILL.md is high-level (overview, capabilities, pricing, trigger words) and does not include procedural runtime instructions, commands, or references to files/paths. It therefore doesn't explicitly instruct the agent to read unrelated files or exfiltrate data, but its vagueness leaves open how the agent will obtain the necessary credentials or what it will do at runtime.
Install Mechanism
No install spec and no code files to execute are provided (instruction-only plus a package.json manifest). This lowers immediate supply-chain risk because nothing is downloaded or written by an install step.
!
Credentials
For integration with Feishu, one would expect declared env vars (e.g., FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_TOKEN) or an explanation of OAuth flow. The absence of any credential declarations is suspicious: it could mean the skill expects ambient agent credentials, will prompt for credentials at runtime, or relies on undisclosed mechanisms. Any of these require scrutiny because they affect access to potentially sensitive enterprise data.
Persistence & Privilege
The skill is not marked always:true and does not request to modify other skills or system-wide settings in the SKILL.md. Autonomous invocation is allowed (platform default) but that's normal and not by itself a red flag.
What to consider before installing
Before installing: ask the publisher how the skill authenticates to Feishu (exact env vars, OAuth flow, token storage and rotation). Do not provide organization-wide admin tokens; prefer a least-privilege Feishu app or scoped service account. Request concrete runtime instructions or source code showing API calls and where credentials are stored. Test in a sandbox account first and verify audit/logging and a way to immediately revoke tokens. If the vendor cannot explain where credentials are kept and how data is used/retained, treat the skill as unsafe for production.

Like a lobster shell, security has layers — review code before you run it.

latestvk974spq55z97pb4qsqvsa6dgnx8475kd
80downloads
0stars
1versions
Updated 3w ago
v1.0.0
MIT-0
@wukai8289
latest
Download

Lark Enterprise Agent Skill

🏢 飞书+AI Agent企业解决方案 — 知识库/文档/多维表格/日历/任务全自动化

Overview

基于飞书生态+OpenClaw Agent的企业自动化方案:

核心能力

  1. 飞书文档自动化 — feishu-doc读写/表格/图片
  2. 多维表格管理 — feishu-bitable CRUD操作
  3. 知识库对接 — feishu-wiki搜索/创建
  4. 日历集成 — feishu-calendar会议安排
  5. 任务管理 — feishu-task分配追踪

适用场景

  • 企业内部知识库Agent
  • 新人培训自动问答
  • 项目管理自动化
  • 会议纪要自动生成
  • 跨部门协作流程

Pricing

PlanSetupMonthly
基础版¥10,000¥2,000
标准版¥30,000¥5,000
定制版¥50,000+按需

Trigger Words

  • "企业知识库" → 方案设计
  • "飞书自动化" → 配置指南
  • "新人培训" → 培训方案

Comments

Loading comments...