@openclaw/feishu
OpenClaw Feishu/Lark channel plugin (community maintained by @m1heng)
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/monitor.account-ByxawtBB.js | AI (source-diff): Long lines are minified ESM bundle output with readable identifiers; not obfuscation. Stable pattern for this build pipeline. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-vUWzYlT_.js | AI (source-diff): File is minified ESM bundle with readable identifiers; standard build output for this plugin package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Plugin package with structured metadata; README style and missing keywords are cosmetic, not malicious. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-CmXHWuwG.js | AI (source-diff): Minified/bundled dist output with readable ESM imports; standard build artifact for this plugin package. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-Cg_HyFTF.js | AI (source-diff): Standard Vite/Rollup bundled output with hashed filenames; readable ESM imports confirm no real obfuscation. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-DVS7oJ5P.js | AI (source-diff): Vite/Rollup chunked ESM bundle with hashed filename; long lines are minified but not obfuscated, imports are readable and reference legitimate Feishu SDK modules. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-ByWHSzXQ.js | AI (source-diff): Standard bundled dist output with ES module imports; minified build artifact, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-CI4_rDnC.js | AI (source-diff): Bundled/minified dist output with readable ES module imports; consistent with build tool chunking, not obfuscation. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): zod is a well-established validation library; no malicious history. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-BJ8FoDGL.js | AI (source-diff): Standard bundler output with readable ES module imports; not obfuscated or malicious. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-DoDo7TZX.js | AI (source-diff): File is standard Vite/Rollup chunked bundle with readable imports; long lines are minified JS, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/monitor.account-CUZxYkjE.js | AI (source-diff): File is a standard bundler chunk with readable ES module imports; long lines are from bundled/minified output, not obfuscation. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher changed to GitHub Actions with SLSA attestation; CI/CD automation is the documented publish path for this package. | ai | |
| source-diff | large-new-source-files | AI (source-diff): 27 new files consistent with implementing a full Feishu channel plugin with SDK integration. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Size increase attributable to adding Feishu SDK and schema validation libraries, not injected payloads. | ai | |
| semgrep | semgrep:etc-passwd-access | AI (semgrep): Appears only in a test asserting that path traversal to /etc/passwd is rejected — not credential harvesting. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decoding used for image buffer extraction in docx parsing; no malicious payload context. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): 127.0.0.1 used in a test helper for local server setup; not a shady external endpoint. | ai | |
Versions (showing 35 of 35)
| Version | Deps | Published |
|---|---|---|
| 2026.5.28 | 3 / 0 | |
| 2026.5.27 | 3 / 0 | |
| 2026.5.26 | 3 / 0 | |
| 2026.5.22 | 3 / 0 | |
| 2026.5.20 | 3 / 2 | |
| 2026.5.19 | 3 / 2 | |
| 2026.5.18 | 3 / 2 | |
| 2026.5.12 | 3 / 2 | |
| 2026.5.7 | 2 / 2 | |
| 2026.5.6 | 2 / 2 | |
| 2026.5.5 | 2 / 2 | |
| 2026.5.4 | 2 / 2 | |
| 2026.5.3 | 2 / 2 | |
| 2026.5.2 | 2 / 2 | |
| 2026.3.13 | 4 / 0 | |
| 2026.3.12 | 4 / 0 | |
| 2026.3.11 | 4 / 0 | |
| 2026.3.10 | 4 / 0 | |
| 2026.3.7 | 4 / 0 | |
| 2026.3.2 | 4 / 0 | |
| 2026.3.1 | 4 / 0 | |
| 2026.2.25 | 3 / 0 | |
| 2026.2.24 | 3 / 0 | |
| 2026.2.23 | 3 / 1 | |
| 2026.2.22 | 3 / 1 | |
| 2026.2.21 | 3 / 1 | |
| 2026.2.19 | 3 / 1 | |
| 2026.2.17 | 3 / 1 | |
| 2026.2.15 | 3 / 1 | |
| 2026.2.14 | 3 / 1 | |
| 2026.2.13 | 3 / 0 | |
| 2026.2.12 | 3 / 0 | |
| 2026.2.9 | 3 / 1 | |
| 2026.2.6 | 3 / 1 | |
| 2026.2.2 | 0 / 1 | |
v2026.5.28
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.27
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.26
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.22
1 finding
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.20
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.19
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.18
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.12
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.7
3 findings
This version was published by a different npm account than previous versions on 2026-05-07. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.6
3 findings
This version was published by a different npm account than previous versions on 2026-05-06. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.5
3 findings
This version was published by a different npm account than previous versions on 2026-05-06. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.4
3 findings
This version was published by a different npm account than previous versions on 2026-05-05. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.3
3 findings
This version was published by a different npm account than previous versions on 2026-05-04. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.5.2
2 findings
This version was published by a different npm account than previous versions on 2026-05-02. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2026.3.13
2 findings
Accessing /etc/passwd or /etc/shadow — credential harvesting on Linux. The rule matched inside the following test excerpt; the flagged line is the `../etc/passwd` assertion:

```ts
it("rejects traversal and path separator patterns", () => {
  expect(normalizeFeishuExternalKey("../etc/passwd")).toBeUndefined();
  expect(normalizeFeishuExternalKey("a/../../b")).toBeUndefined();
  expect(normalizeFeishuExternalKey("a\\..\\b")).toBeUndefined();
```

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2026.3.12
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.3.11
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.3.10
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.3.7
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.3.2
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.3.1
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.25
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.24
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.23
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.22
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.21
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.19
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.17
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.15
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.14
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.13
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.12
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2026.2.9
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v2026.2.6
1 finding
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v2026.2.2
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.