⚠
High Risk:This skill has significant security concerns. Review the findings below before installing.
feishu-doc
⚠Caution·Scanned 2/17/2026
Malicious skill: reads local session logs (/home/crishaocredits/.openclaw/agents/main/sessions) and sensitive files and instructs sending them via node skills/feishu-card/send.js to https://open.feishu.cn, while also urging CLI actions and edits to SOUL.md. It claims to fetch Feishu docs and convert them to Markdown for consumption.
from clawhub.ai·v85bd32c·1.4 MB·0 installs
Scanned from 1.2.6 at 85bd32c · Transparency log ↗
$ vett add clawhub.ai/autogame-17/feishu-docReview security findings before installing
Feishu Doc Skill
Fetch content from Feishu (Lark) Wiki, Docs, Sheets, and Bitable.
Usage
node index.js fetch <url>
Configuration
Create a config.json file in the root of the skill or set environment variables:
{
"app_id": "YOUR_APP_ID",
"app_secret": "YOUR_APP_SECRET"
}
Environment variables:
FEISHU_APP_IDFEISHU_APP_SECRET
Supported URL Types
- Wiki
- Docx
- Doc (Legacy)
- Sheets
- Bitable