Security Audit

feishu-drive

github.com/openclaw/openclaw

AI SkillCommit b62bd290cb4e

TRUSTED

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

feishu-drive received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include File URLs returned by `list` action could lead to data exfiltration, Broad 'Full access' permission (`drive:drive`) allows destructive operations.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 18, 2026 (commit b62bd290). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

86%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

2 findings

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	File URLs returned by `list` action could lead to data exfiltration The `list` action, when called, returns a list of files including their `url`. If these URLs are direct access links to the files, an attacker could potentially prompt the LLM to list contents of sensitive folders and then extract these URLs, leading to unauthorized access or exfiltration of file contents. The risk is amplified if the bot has access to sensitive shared folders. Implement strict output filtering for URLs, especially for sensitive files. Ensure the LLM is constrained from directly outputting file URLs without explicit user consent or security checks. Consider if the `url` should be returned at all, or if it should be a temporary, authenticated, and short-lived URL.	LLM	SKILL.md:23
MEDIUM	Broad 'Full access' permission (`drive:drive`) allows destructive operations The skill describes a `drive:drive` permission that grants 'Full access (create, move, delete)'. While the bot's access is limited to folders explicitly shared with it, if a sensitive folder is shared, an unconstrained LLM could be prompted to perform destructive actions such as deleting or moving critical files, leading to data loss or integrity issues within the Feishu Drive. Adhere to the principle of least privilege. Grant only `drive:drive:readonly` unless full modification capabilities are strictly necessary for the skill's intended function. Implement strong guardrails and require explicit user confirmation for any destructive actions initiated by the LLM through this tool.	LLM	SKILL.md:68

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/0a5bd8219c556c4f.svg)](https://skillshield.io/report/0a5bd8219c556c4f)