headteacher
Advisory
Audited by VirusTotal on Apr 17, 2026.
Overview
Type: OpenClaw Skill
Name: headteacher
Version: 2.1.0
The skill bundle provides a complex workbench for managing student data using Feishu/Lark as a backend. It utilizes high-risk capabilities, including the 'Bash' tool to execute local Python scripts (e.g., tools/feishu_bootstrap.py and tools/setup_doctor.py) that wrap the 'lark-cli' via subprocess. It also performs environment fingerprinting to detect specific agent runtimes like OpenClaw, Codex, or Claude Code. While these behaviors are aligned with the stated purpose of automating class management and workspace setup, the combination of shell execution, environment discovery, and interaction with external cloud CLIs meets the threshold for suspicious activity.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent may create Feishu Bases, tables, fields, views, and local files for the class workspace.
The skill is allowed to run local commands and uses them to bootstrap Feishu Base workspaces. This is disclosed and central to the purpose, but it can modify a third-party workspace.
allowed-tools: Read, Write, Edit, Bash ... python3 tools/feishu_bootstrap.py bootstrap --workspace-name "<class-name>"
Ask the agent to show the execution plan and target workspace before bootstrapping or importing data, especially for existing Feishu Bases.
The connected Feishu account or plugin permissions determine what Bases the agent can create, inspect, or modify.
The skill relies on Feishu account access through either lark-cli or the OpenClaw Feishu plugin. This is expected for Feishu Base management, but it is delegated account authority.
If `lark-cli` is not configured, guide: `lark-cli config init --new` ... create the workspace through the plugin's Feishu Base API tools
Use a least-privileged Feishu account or workspace, verify the official plugin/CLI configuration, and avoid granting broader tenant permissions than needed.
Class records and generated artifacts may contain private information about students and families.
The data model is designed to store sensitive student, guardian, grade, conduct, and communication records. This fits the headteacher purpose but requires careful privacy handling.
guardian_1_phone ... guardian_2_phone ... national_id ... address ... scores, conduct, daily observations, parent communication
Import only necessary fields, restrict Feishu sharing, review generated documents before syncing, and avoid storing national IDs or addresses unless required.
Future installs may resolve to newer package versions than those originally tested.
The Python dependencies use lower-bound version ranges rather than pinned hashes or exact versions. This is common, but dependency behavior can change over time.
requests>=2.28.0 ... python-docx>=1.1.0 ... openpyxl>=3.1.0 ... python-pptx>=0.6.23
Install in a virtual environment and consider pinning dependency versions for production or school-managed environments.
