feishu-doc-editor

Audited by ClawScan on May 1, 2026.

Overview

This is a disclosed Feishu document-editing guide, but it uses app credentials to read, edit, and delete document content, so its permissions should be tightly scoped.

Install/use this only if you are comfortable granting a Feishu app access to the target documents. Keep app secrets and tenant tokens private, scope the app to specific documents and users, confirm before edits or deletes, and remove the app’s collaborator access when it is no longer needed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An app token with these permissions can read and modify Feishu documents where the app has been added as a collaborator.

Why it was flagged

The skill requires Feishu app credentials and document read/write permissions, which are necessary for the stated purpose but grant meaningful access to business documents.

Skill content
apply for the following permissions: ... `docx:document:write_only` ... `docx:document:readonly` ... `app_id`: "your_app_id", "app_secret": "your_app_secret"
Recommendation

Use a dedicated Feishu app, grant only the needed document permissions, add it only to intended documents, protect the app secret and tenant token, and revoke access when finished.

What this means

A wrong document ID or block ID could change or delete content in a Feishu document.

Why it was flagged

The reference material documents direct write, update, and delete API operations. These are purpose-aligned, but mistakes or overly broad use could alter or remove document content.

Skill content
PATCH /docx/v1/documents/{document_id}/blocks/{block_id} ... DELETE /docx/v1/documents/{document_id}/blocks/{block_id}
Recommendation

Require explicit user approval for destructive or bulk edits, verify document and block IDs before calling APIs, and keep backups or revision history available.

What this means

Sensitive document text or credential-adjacent data could remain in local logs on a shared or monitored machine.

Why it was flagged

The debugging guidance suggests local logging of request parameters and responses, which may persist document content or other sensitive API data if used without redaction.

Skill content
echo "[$timestamp] ERROR: $1" >> /tmp/feishu_api_errors.log ... Record detailed logs - request parameters - response content
Recommendation

Redact tokens and document content from logs, avoid verbose logging on shared systems, and delete temporary debug logs after troubleshooting.