Security Scan
OpenClaw
Suspicious
medium confidence
The skill mostly does what it says (creates Feishu sub‑agents and updates OpenClaw config) but contains several inconsistencies and risky behaviors (hard‑coded/system paths, plaintext storage of App Secret, and an odd GitHub/SSH step) that deserve review before running.
Assessment recommendations
Before installing or running this skill:
- Inspect the scripts yourself. They will modify openclaw.json, create directories under /home/*, and restart the Gateway.
- Note the scripts write the Feishu App Secret into openclaw.json in cleartext; plan to use a secrets provider or manually sanitize stored secrets.
- Do not blindly follow PUBLISH.md instructions that tell you to add an SSH key to your GitHub account — the included public key (and the step itself) is unrelated to creating a Feishu age...
Detailed analysis
ℹ Purpose and capabilities
Name/description match the implementation: scripts create agent directories, generate persona files, update openclaw.json, add feishu account entries and bindings, and restart the Gateway — all consistent with a 'Feishu Subagent Creator'. However multiple scripts use different hard-coded base paths (/home/gem/workspace/agent, /home/admin/.openclaw, /home/gem/..., etc.), which is inconsistent and can cause surprising writes to unexpected locations.
⚠ Instruction scope
SKILL.md and the bundled scripts instruct the agent/operator to collect App ID and App Secret and then automatically modify host system configuration (openclaw.json), create files under user/system directories, and restart the Gateway. The scripts write the App Secret directly into openclaw.json (cleartext). The SKILL.md warns to use a secret provider, but the scripts do not implement secret vaulting — contradiction between instructions and actual behavior. Scripts also reference and execute 'openclaw gateway' and 'sh scripts/restart.sh', which are system‑level actions beyond mere guidance.
ℹ Install mechanism
There is no install spec (instruction-only), which lowers supply-chain risk. However multiple executable scripts and a Node.js tool are bundled — executing them will perform on-disk writes and service restarts. No remote downloads are performed, which is good, but the presence of ready-to-run scripts means the skill can change system state if run.
⚠ Credential requirements
Requesting Feishu App ID and App Secret is expected for this integration. But the skill stores the App Secret directly into openclaw.json (plaintext) and the SKILL.md does not enforce or implement secure storage. Additionally, PUBLISH.md contains instructions to add an SSH public key (and even includes a specific public key and email) to the user's GitHub account — that step is unrelated to the runtime goal of creating a Feishu subagent and is suspicious (it could encourage granting repository access to a third party).
ℹ Persistence and privileges
The skill does not set always:true and does not declare persistent credentials, but it does modify global OpenClaw configuration and restarts the Gateway. Those are legitimate for the stated purpose but represent high-impact operations (system-wide config change and service restart). This is expected for the skill's function but increases blast radius if misused.
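Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Install commands
Official: npx clawhub@latest install feishu-subagent-creator
Mirror (accelerated): npx clawhub@latest install feishu-subagent-creator --registry https://cn.longxiaskill.com (mirror available)
Localization notes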
Feishu Subagent Creator (飞书子 Agent 创建器) installation notes:
Install commands:
openclaw skills install feishu-subagent-creator
npx clawhub@latest install feishu-subagent-creator
openclaw skills run feishu-subagent-creator -- \
  --agent-id "new-role" \
  --agent-name "新角色名称" \
  --feishu-app-id "cli_xxx" \
  --feishu-app-secret "xxx"
openclaw gateway status
This skill performs Feishu-related operations and may require a corresponding platform account or API key.