Skill v1.0.9
ClawScan security
Feishu File Sender · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 25, 2026, 7:22 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requested config access align with its stated purpose of uploading a local file to Feishu and sending it to a chat; nothing in the bundle appears to perform unrelated or hidden actions.
- Guidance: This skill appears to do exactly what it says: read your OpenClaw config for Feishu appId/appSecret, obtain a tenant token, upload a specified local file, and send it to a chat. Before using it, verify you trust the source and inspect ~/.openclaw/openclaw.json (it contains app secrets) and the included script. Ensure the bot/account in that config is appropriate for sending the file and avoid sending sensitive files unintentionally. Note the tool will also accept optional env vars (OPENCLAW_CHAT_ID / OPENCLAW_RECEIVE_ID / FEISHU_CHAT_ID) for resolving the receive_id even though none are listed as required in the metadata.
Review Dimensions
- Purpose & Capability (ok): Name/description describe uploading local files to Feishu. The script only requires python3 and the OpenClaw config (~/.openclaw/openclaw.json) to locate appId/appSecret, then calls Feishu token/upload/send APIs — all of which are necessary and proportional for the claimed functionality.
- Instruction Scope (note): SKILL.md and the script instruct the agent to read the OpenClaw config, resolve an agent by matching cwd against workspace paths, optionally read environment variables (OPENCLAW_CHAT_ID / OPENCLAW_RECEIVE_ID / FEISHU_CHAT_ID), and then call Feishu APIs. These steps stay within the stated purpose, but the script does read optional environment variables that are not listed in the skill's top-level 'required env vars' — they are optional for receive_id resolution.
- Install Mechanism (ok): No install spec is provided (instruction-only). The README notes 'requests' is required; that is a reasonable, low-risk dependency for an HTTP client. Nothing is downloaded from arbitrary URLs nor are archives extracted.
- Credentials (note): The skill reads appId/appSecret from ~/.openclaw/openclaw.json (declared in manifest), which is necessary to obtain a tenant token and send files. It does not request unrelated cloud credentials. However, it also optionally inspects environment variables (OPENCLAW_CHAT_ID / OPENCLAW_RECEIVE_ID / FEISHU_CHAT_ID) that are not declared as required in registry metadata — this is benign but worth noting so users know which env vars may be consulted.
- Persistence & Privilege (ok): always:false and default model-invocation behavior. The skill does not request permanent or system-wide changes and does not modify other skills. It only reads a per-user OpenClaw config file and performs network calls to Feishu, which matches its purpose.
