Feishu Voice (macOS)
Analysis
This skill appears to do what it claims—generate audio from text and send it to Feishu—but users should notice that it uses Feishu bot credentials and may send message text to OpenAI for TTS.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
curl -sf -X POST "https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=$RECEIVE_ID_TYPE"
The script sends an audio message to a caller-provided Feishu recipient. This is the core purpose of the skill, but it is still an action that posts content into a third-party chat.
Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.
APP_SECRET=$(python3 -c "import json; d=json.load(open('$CONFIG')); print(d['channels']['feishu']['appSecret'])")The script reads a Feishu app secret from the local OpenClaw configuration and uses it to obtain a tenant access token. This is expected for a Feishu bot sender, but it grants account-level authority to upload and send messages according to that bot's permissions.
Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.
Automatically uses OpenAI TTS (gpt-4o-mini-tts) if OPENAI_API_KEY is set, otherwise falls back to macOS `say`.
When OPENAI_API_KEY is present, the text to be spoken is sent to OpenAI's audio API. This provider use is disclosed and aligned with the TTS function, but it means message content may leave the local machine.