Latest release: v2026.5.28Download zip
Capabilities
Compatibility
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The package purpose is a Feishu/Lark channel plugin with chat, document, wiki, drive, bitable, and permission tools; the sensitive cloud-content operations are disclosed and fit that purpose.
Instruction Scope
Several skill descriptions use broad activation wording and document write/delete/move/share actions without explicit confirmation guidance, so users should rely on clear prompts and host-side approval practices for destructive operations.
Install Mechanism
The artifact is the trusted @openclaw/feishu package, source-linked to openclaw/openclaw, with clean static scan and clean VirusTotal telemetry; package metadata shows bundled runtime files and skills, with no separate install script behavior identified.
Credentials
The plugin needs Feishu app credentials and network access to Feishu/Lark APIs, and can upload local or remote media into documents; local file upload appears routed through OpenClaw media/fs policy controls and is proportionate to the stated document workflow.
Persistence & Privilege
It stores channel configuration and session state, has an optional dynamic-agent feature that can create agent/workspace directories and mutate config when explicitly enabled, and includes a doctor repair path that archives/removes Feishu-scoped state only when repair is requested.
Scan Findings in Context
[SDI-2] expected: The skill text mentions granting requester access on created docs, but the runtime derives the requester from trusted Feishu message context and grants edit permission rather than accepting arbitrary full_access from tool input; this is downgraded to a documentation clarity issue.
[SQP-2] expected: The doctor repair routine can rename/archive state and remove Feishu-scoped session entries, but it is reached through the repair flow after preview warnings and preserves backups and credentials, so it is not hidden destructive behavior.
[SQP-2] expected: Drive delete, document replacement, block deletion, table row/column deletion, wiki move/rename/create, and permission add/remove are real high-impact capabilities, but they are disclosed file-management and collaboration functions for this integration.
[SQP-1] expected: Activation phrases for docs, drive, and permissions are broad, increasing accidental invocation risk, but they do not create hidden authority by themselves and the tools still require configured Feishu credentials and user-directed tool calls.
[SQP-2] expected: Dynamic agent creation can persist new agent and workspace directories from inbound Feishu DMs, but only when dynamicAgentCreation.enabled and channel config writes are enabled; this is an advanced optional feature rather than default hidden persistence.
Assessment
Install only if you intend OpenClaw to operate on Feishu/Lark content with your app's granted scopes. Keep the permission-management tool disabled unless needed, restrict bot access and allowlists, avoid enabling dynamic agent creation without quotas, and require explicit human confirmation before deletes, full document replacements, moves, or collaborator changes.