feishu-operations
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: feishu-operations Version: 0.0.1 The feishu-operations skill bundle is a comprehensive documentation set designed to guide users through the Feishu (Lark) platform. It consists entirely of informational markdown files (SKILL.md and various references/*.md) covering messaging, document collaboration, bitables, and automation. There is no executable code, no evidence of data exfiltration, and no malicious prompt injection; the content is strictly educational and aligned with its stated purpose of providing platform support.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user follows these steps carelessly, an automation could send unwanted notifications or modify Feishu records.
The guide teaches users to configure Feishu automation actions that can send messages or change records. This is expected for a Feishu operations guide, but misconfigured automations could affect a workspace.
执行动作 - 发送通知 - 更新字段 - 创建记录 - 发送消息
Test automations on non-critical data first, keep triggers narrow, review recipients and update actions, and avoid loops or broad workspace-wide changes.
Poorly protected or over-scoped API keys could let others access or modify connected workspace data.
The guide includes API-key-based integration steps. This is purpose-aligned, but API keys and app authorizations are sensitive and may grant access to Feishu or third-party data.
自定义集成 **API集成** 1. 获取API密钥 2. 调用API接口 3. 处理响应数据 4. 集成到飞书
Use least-privilege app permissions, keep API keys and webhook URLs secret, rotate exposed keys, and enable Feishu webhook security settings where available.