feishu-operations
PassAudited by ClawScan on May 1, 2026.
Overview
This is a documentation-only Feishu help skill with no code, install steps, or credential requirements, though users should be careful when following its automation and API-integration guidance.
This skill appears safe to install as a reference guide. When using its automation, robot, webhook, or API-integration instructions, review permissions carefully, protect secrets, and test changes before applying them to important Feishu workspaces.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user follows these steps carelessly, an automation could send unwanted notifications or modify Feishu records.
The guide teaches users to configure Feishu automation actions that can send messages or change records. This is expected for a Feishu operations guide, but misconfigured automations could affect a workspace.
执行动作 - 发送通知 - 更新字段 - 创建记录 - 发送消息
Test automations on non-critical data first, keep triggers narrow, review recipients and update actions, and avoid loops or broad workspace-wide changes.
Poorly protected or over-scoped API keys could let others access or modify connected workspace data.
The guide includes API-key-based integration steps. This is purpose-aligned, but API keys and app authorizations are sensitive and may grant access to Feishu or third-party data.
自定义集成 **API集成** 1. 获取API密钥 2. 调用API接口 3. 处理响应数据 4. 集成到飞书
Use least-privilege app permissions, keep API keys and webhook URLs secret, rotate exposed keys, and enable Feishu webhook security settings where available.