ClawAudit verdict

feishu-bot

feishu-bot-chen

88
๐ŸŸข Trusted
Low risk โ€” reviewed by ClawAudit, behavior matches stated purpose

The skill provides clear documentation and uses Feishu Open Platform API legitimately for messaging, group management, and approval workflows.

โš  Flagged for review โ€” coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis โ€” not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.

95
security
100
transparency
90
maintenance

Findings (3)

Coarse signal โ€” prose, single-step high

Instruction-prose smuggling shape detected: collects a sensitive target ("Secret") and emits it outward ("Send"). Phrased as prose with no trigger tokens โ€” a semantic prompt-injection / data-exfil pattern the syntactic scanners can't see. Final tier capped at Caution; review the instructions before installing.

SKILL.md ยท 1. Create a Feishu App at https://open.feishu.cn/app 2. Get App ID and App Secret 3. Configure permissions: - `im:message` - Send messages - `im:message:send_as

Pattern match low

Python os.getenv โ€” reads environment variable

feishu_bot.py ยท prose ยท downgraded ยท os.getenv(

Pattern match low

References webhook/callback URL

feishu_bot.py ยท prose ยท downgraded ยท webhook_url

Permissions & capabilities

No declared permissions โ€” minimal attack surface.

Is this flag fair?

Check another skill Browse the registry Auditing your own skills or configs? Use the API