Feishu Meeting Minutes AI

Pass. Audited by VirusTotal on May 8, 2026.

Overview

Type: OpenClaw Skill
Name: feishu-auto-minutes
Version: 1.0.0

The skill bundle describes a tool for generating meeting minutes within the Feishu (Lark) ecosystem. The SKILL.md file outlines standard operations such as reading documents, chat logs, and tables to create structured summaries, with no evidence of malicious intent, data exfiltration to external domains, or prompt injection attacks. All described behaviors are consistent with the stated purpose of the 'feishu-auto-minutes' skill.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overly broad summary could be posted to a group or sent to participants before the user has checked it.

Why it was flagged

The skill describes writing a Feishu document and automatically sending the generated minutes to participants or a chat. That is a high-impact tool action, and the artifact does not state that the user must review or approve the final content and recipients before sending.

Skill content

📅 One-click output as a Feishu document, automatically distributed to attendees ... Use `message.send` to send the minutes to a specified group chat

Recommendation

Require explicit user confirmation before creating documents or sending messages, and show the exact recipients, source materials, and final content before distribution.

Concern, Medium Confidence

ASI03: Identity and Privilege Abuse

What this means

The skill may need access to sensitive company documents, chats, and tables, but the artifacts do not make clear what account permissions are required or how they are limited.

Why it was flagged

These operations require Feishu workspace/account authority over documents, tables, and chat content. The supplied metadata declares no primary credential, required environment variables, or capability tags, leaving the permission boundary unclear.

Skill content

- Use `feishu_doc` to read/write documents
- Use `feishu_bitable` to read meeting data
- Use `feishu_chat` to extract group chat discussions

Recommendation

Declare the required Feishu credentials/capabilities and restrict them to the minimum needed chats, docs, tables, and write destinations.

What this means

Confidential or unrelated Feishu content could be included in a meeting summary if the source scope is too broad.

Why it was flagged

The skill is designed to pull in prior minutes, project documents, and multiple meeting records as context. This is relevant to the purpose, but it can mix sensitive or unrelated context into generated summaries if sources are not tightly selected.

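Skill content

🔗 Supports linked context (previous meeting minutes, project documents) ... Automatic weekly report summary (aggregates all of this week's meeting minutes)

Recommendation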

Use only explicitly selected source documents/chats, exclude sensitive unrelated material, and review generated summaries before sharing.