clawbox-link-to-docs

Pass. Audited by ClawScan on May 1, 2026.

Overview

This instruction-only skill is coherent for archiving a user-provided web link into Feishu docs, but users should be aware that it reads web content and creates persistent documents in a Feishu account.

Before installing, confirm you want the agent to fetch web pages and create or update Feishu documents. Use it with an appropriate Feishu workspace, and avoid archiving private or sensitive links unless the resulting document permissions are correct.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note: Medium Confidence
ASI01: Agent Goal Hijack

What this means

A malicious or misleading webpage could contain text that tries to influence the agent while it is extracting or analyzing the article.

Why it was flagged

The workflow brings arbitrary web-page content into the agent context. This is expected for a link-archiving skill, but the source page should be handled as data, not as instructions to the agent.

Skill content

Fetch source content ... Preserve original language and paragraph order.

Recommendation

Use the skill for links you trust, and ensure the agent ignores instructions embedded in the page content.

What this means

The agent may create or modify documents in your Feishu workspace using whatever account permissions are available.

Why it was flagged

The skill requires authority to create, update, and read Feishu documents. This is purpose-aligned, but it uses account/workspace privileges and should be limited to the intended Feishu space.

Skill content

Create or update two Feishu docs ... Read back both docs after write.

Recommendation

Use an appropriate Feishu account or workspace, and verify where the documents will be created before using the skill for sensitive material.

What this means

If the link points to private, internal, paywalled, or sensitive content, that content may be copied into a persistent Feishu document.

Why it was flagged

The workflow intentionally stores the source URL, capture time, full text, and analysis in persistent Feishu docs. This is expected, but it creates a retained copy of the linked content.

Skill content

Include source URL and capture time. Write full original text with paragraph breaks.

Recommendation

Check the sensitivity and sharing permissions of the target Feishu docs before archiving non-public content.