This report was generated in Chinese.
Low Risk — Risk Score 15/100
Last scan: 3 hr ago
feishu-all-in-one
Feishu All-in-One skill package: an out-of-the-box solution for sending and receiving Feishu messages
Feishu messaging integration skill with clear code logic; all network requests point to the official Feishu API. The Gateway forwarding feature is declared but insufficiently documented; dependency version pinning is loose, but there are no known vulnerabilities. Overall trustworthy.
Skill Name: feishu-all-in-one
Duration: 47.1s
Engine: pi
ClawHub Feishu All In One v1.0.0 by arvenwang
📥 276 📦 1
ClawHub Verdict: Suspicious (env_credential_access, llm_suspicious, potential_exfiltration)
Safe to install
Recommendation: pin axios to an exact version (e.g. ^1.13.6) to reduce supply-chain risk; state explicitly in SKILL.md that the Gateway callback-forwarding feature exists.

Findings (3 items)

Severity | Finding | Location
Low
Gateway callback forwarding not declared in SKILL.md (Doc Mismatch)
After receiving a Feishu card callback, card-callback-server.js POSTs event_id, operator, action, context and other data to the Gateway (default localhost:18789/api/callback). SKILL.md makes no mention of this Gateway forwarding, which constitutes a documentation/behaviour mismatch.
await axios.post(`${GATEWAY_URL}/api/callback`, payload, { headers: { 'Authorization': `Bearer ${GATEWAY_TOKEN}` ... } })
→ Document the Gateway callback forwarding explicitly in SKILL.md, including which data is forwarded, the condition under which it happens (requires GATEWAY_ENABLED=true), and where the data flows.
scripts/card-callback-server.js:74
Low
Loose axios version pinning (Supply Chain)
package.json specifies axios ^1.6.0, which allows automatic upgrades to any 1.x.y release. axios has had SSRF and credential-leak vulnerabilities in the past (CVE-2019-10742).
"axios": "^1.6.0"
→ Pin to an exact version, e.g. "axios": "1.13.6"
scripts/package.json:9
Info
Reads credentials from the Feishu config file (Sensitive Access)
The script reads the Feishu appId and appSecret from ~/.openclaw/openclaw.json in order to call the Feishu API. This is necessary for the Feishu integration, but it does involve reading a sensitive credentials file.
OPENCLAW_CONFIG = Path.home() / '.openclaw' / 'openclaw.json'
→ Used correctly: the credentials are only sent to open.feishu.cn and are not leaked elsewhere.
scripts/feishu_proactive_messenger.py:27
Resource | Declared | Inferred | Status | Evidence
Filesystem | NONE | READ | ✓ Aligned | scripts/feishu_proactive_messenger.py:27 reads ~/.openclaw/openclaw.json
Network | NONE | WRITE | ✓ Aligned | All network requests go to the official open.feishu.cn API, consistent with the declared Feishu integration
Shell | NONE | NONE | | No shell-execution calls such as subprocess/popen found
Environment | READ | ✓ Aligned | Only reads FEISHU_APP_ID / FEISHU_APP_SECRET, consistent with the declaration
55 findings

Medium External URL  https://open.feishu.cn/  (README.md:9)
Medium External URL  https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal  (scripts/feishu_file_sender.py:12)
Medium External URL  https://open.feishu.cn/open-apis/im/v1/files  (scripts/feishu_file_sender.py:14)
Medium External URL  https://open.feishu.cn/open-apis/im/v1/messages  (scripts/feishu_file_sender.py:15)
Medium External URL  https://open.feishu.cn/open-apis/bot/v3/info  (scripts/feishu_proactive_messenger.py:20)
Medium External URL  http://mirrors.tencentyun.com/npm/@larksuiteoapi/node-sdk/-/node-sdk-1.59.0.tgz  (scripts/package-lock.json:17)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/aspromise/-/aspromise-1.1.2.tgz  (scripts/package-lock.json:32)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/base64/-/base64-1.1.2.tgz  (scripts/package-lock.json:38)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/codegen/-/codegen-2.0.4.tgz  (scripts/package-lock.json:44)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/eventemitter/-/eventemitter-1.1.0.tgz  (scripts/package-lock.json:50)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/fetch/-/fetch-1.1.0.tgz  (scripts/package-lock.json:56)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/float/-/float-1.0.2.tgz  (scripts/package-lock.json:66)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/inquire/-/inquire-1.1.0.tgz  (scripts/package-lock.json:72)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/path/-/path-1.1.2.tgz  (scripts/package-lock.json:78)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/pool/-/pool-1.1.0.tgz  (scripts/package-lock.json:84)
Medium External URL  http://mirrors.tencentyun.com/npm/@protobufjs/utf8/-/utf8-1.1.0.tgz  (scripts/package-lock.json:90)
Medium External URL  http://mirrors.tencentyun.com/npm/@types/node/-/node-25.3.3.tgz  (scripts/package-lock.json:96)
Medium External URL  http://mirrors.tencentyun.com/npm/asynckit/-/asynckit-0.4.0.tgz  (scripts/package-lock.json:105)
Medium External URL  http://mirrors.tencentyun.com/npm/axios/-/axios-1.13.6.tgz  (scripts/package-lock.json:111)
Medium External URL  http://mirrors.tencentyun.com/npm/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz  (scripts/package-lock.json:122)
Medium External URL  http://mirrors.tencentyun.com/npm/call-bound/-/call-bound-1.0.4.tgz  (scripts/package-lock.json:135)
Medium External URL  http://mirrors.tencentyun.com/npm/combined-stream/-/combined-stream-1.0.8.tgz  (scripts/package-lock.json:151)
Medium External URL  http://mirrors.tencentyun.com/npm/delayed-stream/-/delayed-stream-1.0.0.tgz  (scripts/package-lock.json:163)
Medium External URL  http://mirrors.tencentyun.com/npm/dunder-proto/-/dunder-proto-1.0.1.tgz  (scripts/package-lock.json:172)
Medium External URL  http://mirrors.tencentyun.com/npm/es-define-property/-/es-define-property-1.0.1.tgz  (scripts/package-lock.json:186)
Medium External URL  http://mirrors.tencentyun.com/npm/es-errors/-/es-errors-1.3.0.tgz  (scripts/package-lock.json:195)
Medium External URL  http://mirrors.tencentyun.com/npm/es-object-atoms/-/es-object-atoms-1.1.1.tgz  (scripts/package-lock.json:204)
Medium External URL  http://mirrors.tencentyun.com/npm/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz  (scripts/package-lock.json:216)
Medium External URL  http://mirrors.tencentyun.com/npm/follow-redirects/-/follow-redirects-1.15.11.tgz  (scripts/package-lock.json:231)
Medium External URL  http://mirrors.tencentyun.com/npm/form-data/-/form-data-4.0.5.tgz  (scripts/package-lock.json:251)
Medium External URL  http://mirrors.tencentyun.com/npm/function-bind/-/function-bind-1.1.2.tgz  (scripts/package-lock.json:267)
Medium External URL  http://mirrors.tencentyun.com/npm/get-intrinsic/-/get-intrinsic-1.3.0.tgz  (scripts/package-lock.json:276)
Medium External URL  http://mirrors.tencentyun.com/npm/get-proto/-/get-proto-1.0.1.tgz  (scripts/package-lock.json:300)
Medium External URL  http://mirrors.tencentyun.com/npm/gopd/-/gopd-1.2.0.tgz  (scripts/package-lock.json:313)
Medium External URL  http://mirrors.tencentyun.com/npm/has-symbols/-/has-symbols-1.1.0.tgz  (scripts/package-lock.json:325)
Medium External URL  http://mirrors.tencentyun.com/npm/has-tostringtag/-/has-tostringtag-1.0.2.tgz  (scripts/package-lock.json:337)
Medium External URL  http://mirrors.tencentyun.com/npm/hasown/-/hasown-2.0.2.tgz  (scripts/package-lock.json:352)
Medium External URL  http://mirrors.tencentyun.com/npm/lodash.identity/-/lodash.identity-3.0.0.tgz  (scripts/package-lock.json:364)
Medium External URL  http://mirrors.tencentyun.com/npm/lodash.merge/-/lodash.merge-4.6.2.tgz  (scripts/package-lock.json:370)
Medium External URL  http://mirrors.tencentyun.com/npm/lodash.pickby/-/lodash.pickby-4.6.0.tgz  (scripts/package-lock.json:376)
Medium External URL  http://mirrors.tencentyun.com/npm/long/-/long-5.3.2.tgz  (scripts/package-lock.json:382)
Medium External URL  http://mirrors.tencentyun.com/npm/math-intrinsics/-/math-intrinsics-1.1.0.tgz  (scripts/package-lock.json:388)
Medium External URL  http://mirrors.tencentyun.com/npm/mime-db/-/mime-db-1.52.0.tgz  (scripts/package-lock.json:397)
Medium External URL  http://mirrors.tencentyun.com/npm/mime-types/-/mime-types-2.1.35.tgz  (scripts/package-lock.json:406)
Medium External URL  http://mirrors.tencentyun.com/npm/object-inspect/-/object-inspect-1.13.4.tgz  (scripts/package-lock.json:418)
Medium External URL  http://mirrors.tencentyun.com/npm/protobufjs/-/protobufjs-7.5.4.tgz  (scripts/package-lock.json:430)
Medium External URL  http://mirrors.tencentyun.com/npm/proxy-from-env/-/proxy-from-env-1.1.0.tgz  (scripts/package-lock.json:454)
Medium External URL  http://mirrors.tencentyun.com/npm/qs/-/qs-6.15.0.tgz  (scripts/package-lock.json:460)
Medium External URL  http://mirrors.tencentyun.com/npm/side-channel/-/side-channel-1.1.0.tgz  (scripts/package-lock.json:475)
Medium External URL  http://mirrors.tencentyun.com/npm/side-channel-list/-/side-channel-list-1.0.0.tgz  (scripts/package-lock.json:494)
Medium External URL  http://mirrors.tencentyun.com/npm/side-channel-map/-/side-channel-map-1.0.1.tgz  (scripts/package-lock.json:510)
Medium External URL  http://mirrors.tencentyun.com/npm/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz  (scripts/package-lock.json:528)
Medium External URL  http://mirrors.tencentyun.com/npm/undici-types/-/undici-types-7.18.2.tgz  (scripts/package-lock.json:547)
Medium External URL  http://mirrors.tencentyun.com/npm/ws/-/ws-8.19.0.tgz  (scripts/package-lock.json:553)
Medium External URL  https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=$  (scripts/send-card.js:42)

File Tree

17 files · 175.0 KB · 5875 lines
JavaScript 4f · 3947L JSON 9f · 1018L Markdown 2f · 479L Python 2f · 431L
├─ 📁 references
│ ├─ 📋 confirmation-card.json JSON 41L · 1.1 KB
│ ├─ 📋 form-card.json JSON 103L · 2.7 KB
│ ├─ 📋 poll-card.json JSON 65L · 1.7 KB
│ ├─ 📋 test-card.json JSON 37L · 622 B
│ └─ 📋 todo-card.json JSON 137L · 4.0 KB
├─ 📁 scripts
│ ├─ 📁 examples
│ │ └─ 📋 test-card.json JSON 37L · 622 B
│ ├─ 📜 card-callback-original.js JavaScript 1644L · 50.9 KB
│ ├─ 📜 card-callback-server.js JavaScript 1657L · 51.3 KB
│ ├─ 📜 card-templates.js JavaScript 440L · 10.0 KB
│ ├─ 🐍 feishu_file_sender.py Python 220L · 6.7 KB
│ ├─ 🐍 feishu_proactive_messenger.py Python 211L · 6.4 KB
│ ├─ 📋 package-lock.json JSON 573L · 21.1 KB
│ ├─ 📋 package.json JSON 13L · 341 B
│ └─ 📜 send-card.js JavaScript 206L · 6.4 KB
├─ 📋 _meta.json JSON 12L · 268 B
├─ 📝 README.md Markdown 75L · 1.4 KB
└─ 📝 SKILL.md Markdown 404L · 9.3 KB

Dependencies (2 items)

Package | Version | Source | Known Vulns | Notes
axios | ^1.6.0 | npm | No | Wide version range; recommend pinning to an exact version
@larksuiteoapi/node-sdk | ^1.59.0 | npm | No | Official Feishu SDK

Security Positives

✓ All network requests go to the official Feishu API (open.feishu.cn); no unknown external IPs
✓ Gateway forwarding is active only when GATEWAY_ENABLED=true and GATEWAY_TOKEN is configured; it is disabled by default
✓ send-card.js validates template paths, preventing path-traversal attacks via template loading
✓ callback-server deduplicates requests, preventing duplicate clicks from being processed twice
✓ callback-server validates responses, preventing malformed output
✓ The @larksuiteoapi/node-sdk dependency is the official Feishu SDK
✓ No dangerous operations such as base64-encoded execution, eval or spawn
✓ No malicious behaviour such as credential harvesting, sensitive-path traversal or environment-variable scanning
✓ All external URLs are official Feishu domains or npm mirrors