Feishu Proactive Messenger
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent or prompt that can invoke this skill may be able to send messages using another configured agent's Feishu bot identity, causing confusing or unauthorized outbound messages.
A caller-supplied agent id directly determines which Feishu appId/appSecret are read from the global OpenClaw config, with no artifact-backed check that the caller is actually that agent.
parser.add_argument("--agent", default=None, help="Agent id ...")
...
agent_id = args.agent or resolve_agent_id(config)
app_id, app_secret, default_to = resolve_feishu_account(config, agent_id)
Bind credential selection to the authenticated/current agent rather than a free-form --agent argument, or enforce an allowlist and require explicit confirmation when switching agent identities.
If invoked incorrectly or by an over-eager agent, it could send unintended or unsolicited Feishu messages from the user's configured bot.
The script sends caller-provided text to a Feishu recipient through the OpenAPI send-message endpoint. The provided code does not show recipient allowlisting, message preview, rate limits, or a user approval gate.
payload = {
    "receive_id": receive_id,
    "msg_type": "text",
    "content": json.dumps({"text": text}),
}
resp = requests.post(FEISHU_SEND_MSG_URL, ... json=payload, timeout=15)
Require explicit user approval before sending, restrict recipients to a configured allowlist/defaultTo, add audit logging, and consider rate limits for automated sends.
Installation depends on whatever version of 'requests' is resolved from the user's package index at install time.
The skill depends on an external Python package that is installed manually, without a pinned version or lockfile. This is common for Python utilities, but users should be aware of where the dependency comes from and which version is resolved.
python3 -m pip install requests
Install from a trusted package index and consider pinning a known-good requests version in deployment documentation.
