ClawAudit verdict
feishu-toolkit
Reads local files AND makes external network calls
Comprehensive Feishu toolkit covering documents, chat, file sending, screenshots, permissions, and cron reminders via official Feishu APIs; all capabilities are transparently documented and match the stated integration purpose.
Automated static analysis - not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence - it does not verify that one flows into another. Read the code to confirm a live chain.
Reads local files AND makes external network calls - the capabilities for data exfiltration co-occur (data-flow not verified)
LLM02 · LLM06 · ASI03
Permission integrity
network_out
file_read
Findings (3)
Possible hardcoded credential
SKILL.md · frontmatter · SECRET: "Your Feishu app secret
Instruction-prose smuggling shape detected: collects a sensitive target ("environment variables") and emits it outward ("Send"). Phrased as prose with no trigger tokens - a semantic prompt-injection / data-exfil pattern the syntactic scanners can't see. Final tier capped at Caution; review the instructions before installing.
SKILL.md · 1. Go to [Feishu Open Platform](https://open.feishu.cn/app) and create an app 2. Enable required permissions: - `im:message:send_as_bot` - Send messages - `im:r
POSTs data to external URL
SKILL.md · code · .post(
'https://
Permissions & capabilities
No declared permissions - minimal attack surface.
network_out
file_read