Skill v0.1.0

ClawScan security

Feishu Workspace · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 14, 2026, 1:32 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's stated purpose is to read/write Feishu Docs/Wiki/Bitable, but it declares no credentials or install steps and the runtime instructions are vague about how API access will occur — coherent intent but under-specified and potentially misleading.
Guidance
This skill documents how an agent should work with Feishu content but does not declare how it will obtain API access. Before installing or enabling it: confirm whether your OpenClaw agent or platform already has a Feishu connector (and what scopes it exposes), or whether you'll need to supply Feishu app credentials. Ask the skill author to declare required env vars and exact Feishu API scopes (read/write for Docs, Wiki search, Bitable field write) and to explain where data is sent. If the agent will act autonomously, restrict granted Feishu scopes to the minimum needed and test with a non-production workspace first. Refuse to provide broad account-level tokens until those details are clarified.

Review Dimensions

Purpose & Capability
note
The name/description explicitly target Feishu Docs, Wiki, and Bitable (read/write/search). That purpose normally requires Feishu app credentials or a connector. The skill is instruction-only and requests no env vars or credentials — plausible if the platform already provides a Feishu connector, but the registry metadata does not state that. This is an under-specification rather than an outright mismatch.
Instruction Scope
note
SKILL.md stays on-topic (search wiki, write docs, map bitable fields) and does not instruct reading unrelated system files or secrets. However, the instructions are high-level and assume the agent can inspect table metadata and perform reads/writes given a URL; they do not specify which endpoints to call or how to obtain access. The vagueness grants the agent broad discretion to attempt Feishu API calls or to ask for credentials, which should be explicit.
Install Mechanism
ok
No install spec and no code files are included (instruction-only). This is the lowest-risk delivery mechanism and consistent with a guidance-style skill.
Credentials
concern
The skill declares no required env vars or primary credential despite describing read/write operations that typically need Feishu app tokens and scopes. Absence of explicit credential requirements is surprising and could mislead users about what will be needed or what the agent will request at runtime.
Persistence & Privilege
ok
always is false and model invocation is allowed (platform default). The skill does not request elevated persistence or to modify other skills or system-wide settings.