← Back to Skills Marketplace
dongdongbear

Feishu Voice (ElevenLabs)

by DongDong · GitHub ↗ · v1.1.0
cross-platform ⚠ suspicious
489
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install feishu-voice-elevenlabs
Description
Send and receive voice messages on Feishu (Lark) using ElevenLabs TTS and STT. Activate when user asks to send a voice message on Feishu, or when receiving a...
README (SKILL.md)

Feishu Voice (TTS + STT)

Send voice messages and transcribe received voice messages on Feishu using ElevenLabs.

Prerequisites

  • sag CLI (ElevenLabs TTS): npm i -g sag or go install
  • ffmpeg / ffprobe: brew install ffmpeg
  • ElevenLabs paid plan (required for library voices)
  • Feishu app with im:message:send_as_bot and im:file permissions

Environment Variables

Variable Required Description
ELEVENLABS_API_KEY ElevenLabs API key
FEISHU_APP_ID ✅ (TTS) Feishu app ID
FEISHU_APP_SECRET ✅ (TTS) Feishu app secret
ELEVENLABS_VOICE_ID ✅ (TTS) Voice ID (browse at elevenlabs.io/voice-library)
ELEVENLABS_MODEL_ID ✅ (TTS) Model ID (e.g. eleven_multilingual_v2, eleven_v3)
ELEVENLABS_SPEED Speech speed 0.5-2.0 (default: 1.0)

If FEISHU_APP_ID / FEISHU_APP_SECRET are not in env, extract from openclaw config:

export FEISHU_APP_ID=$(python3 -c "import json; print(json.load(open('$HOME/.openclaw/openclaw.json'))['channels']['feishu']['appId'])")
export FEISHU_APP_SECRET=$(python3 -c "import json; print(json.load(open('$HOME/.openclaw/openclaw.json'))['channels']['feishu']['appSecret'])")

Voice Selection

See config/voice-config.example.json for a curated voice list. Browse all voices at https://elevenlabs.io/voice-library or run sag voices.

Recommended models:

  • eleven_multilingual_v2 — best for Chinese and multilingual content
  • eleven_v3 — latest English-optimized model

Sending Voice Messages (TTS)

scripts/feishu-voice-send.sh \x3Ctext> \x3Creceive_id> [receive_id_type] [speed]
  • receive_id: target user open_id or chat_id
  • receive_id_type: open_id (default) or chat_id
  • speed: speech speed multiplier, 0.5-2.0 (default: 1.0)

Receiving Voice Messages (STT)

When OpenClaw delivers a Feishu voice message, it arrives as a media attachment (.ogg file). Transcribe with:

scripts/feishu-voice-stt.sh /path/to/audio.ogg

Returns recognized text to stdout. Uses ElevenLabs scribe_v1 model with automatic language detection.

Fallback: Download via Feishu API

If the audio file is not delivered as an attachment (only file_key available):

  1. List recent messages: GET /im/v1/messages?container_id_type=chat&container_id=CHAT_ID&page_size=5&sort_type=ByCreateTimeDesc
  2. Download audio: GET /im/v1/messages/{message_id}/resources/{file_key}?type=file
  3. Run STT script on the downloaded file

Smart Reply Mode

When receiving messages, follow this pattern for natural conversation:

  • Voice message received → transcribe with STT → understand → reply with voice (TTS)
  • Text message received → understand → reply with text
  • Override: user can request voice/text reply explicitly

Important Notes

  • Feishu msg_type must be "audio" — not "media" or "file"
  • OpenClaw's message tool asVoice does not work correctly for Feishu — use this script instead
  • STT uses ElevenLabs scribe_v1 model, supports Chinese, English, and 90+ languages
  • For free ElevenLabs accounts, only premade voices work; library voices require a paid plan
Usage Guidance
This skill appears to implement the claimed Feishu TTS/STT functionality, but note two issues before installing: (1) The registry metadata claims no required env vars while SKILL.md and the scripts require multiple secrets (ElevenLabs API key and Feishu app credentials). Don't trust the metadata alone — verify and supply only the minimum credentials. (2) SKILL.md suggests extracting FEISHU_APP_ID/FEISHU_APP_SECRET from $HOME/.openclaw/openclaw.json; inspect that file manually to ensure it contains only the expected Feishu fields and no other sensitive tokens before running the provided extraction snippet. Additional precautions: verify the origin of the 'sag' CLI before installing (npm/go), run the scripts in a restricted environment or container if possible, and consider creating Feishu credentials with limited scope/permissions for this integration.
Capability Analysis
Type: OpenClaw Skill Name: feishu-voice-elevenlabs Version: 1.1.0 The skill's core functionality for Feishu voice integration is legitimate, but it exhibits several critical vulnerabilities. The `SKILL.md` instructs the AI agent to execute a shell command to read sensitive configuration from `$HOME/.openclaw/openclaw.json`, which is a risky local file access pattern that could be exploited via prompt injection. Furthermore, `scripts/feishu-voice-send.sh` is vulnerable to shell injection via unsanitized `$TEXT` input to `sag speak` and JSON injection via unsanitized `$RECEIVE_ID` in its `curl` payload. `scripts/feishu-voice-stt.sh` is also vulnerable to shell injection due to direct use of unsanitized `$AUDIO_FILE` in a `curl -F` command. These are significant input sanitization flaws that could lead to arbitrary command execution or data manipulation, classifying the skill as suspicious due to these vulnerabilities.
Capability Assessment
Purpose & Capability
The SKILL.md and included scripts clearly require ElevenLabs and Feishu credentials (ELEVENLABS_API_KEY, FEISHU_APP_ID, FEISHU_APP_SECRET, ELEVENLABS_VOICE_ID, ELEVENLABS_MODEL_ID). However registry metadata reported "Required env vars: none" and "Primary credential: none", which is inconsistent with the files. The requested env vars are appropriate for the declared purpose, but the metadata mismatch is misleading and should be corrected.
Instruction Scope
Runtime instructions and scripts perform exactly the expected actions: call ElevenLabs TTS/STT, convert audio with ffmpeg, obtain tenant_access_token from Feishu API, upload and send audio. SKILL.md also recommends installing 'sag' and ffmpeg. One instruction suggests extracting FEISHU_APP_ID / FEISHU_APP_SECRET from $HOME/.openclaw/openclaw.json; the scripts themselves do not automatically read that file but the doc gives a snippet to export these values — this reads local OpenClaw config and is functionally relevant but worth flagging because it touches a local config file that may contain other secrets if misused.
Install Mechanism
The skill is instruction-only with small helper scripts; there is no install spec. It depends on external CLI binaries (sag, ffmpeg/ffprobe). That is reasonable for a script-based integration, but users should confirm the provenance of 'sag' (npm or go install) before installing from package registries.
Credentials
The required environment variables (ElevenLabs API key, ElevenLabs voice/model IDs, Feishu app ID/secret) are proportionate to the feature. Concern arises because the public metadata did not declare these required secrets, and because the README suggests extracting FEISHU_APP_ID/FEISHU_APP_SECRET from ~/.openclaw/openclaw.json — accessing a local agent config can expose credentials if the file contains other tokens or if the extraction is run blindly. The scripts themselves only use the specific Feishu fields, but the guidance to programmatically read local config increases risk if run without inspection.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills or system-wide settings, and contains only runtime scripts. Autonomous invocation remains enabled by default (platform standard) but does not combine with other high privileges here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install feishu-voice-elevenlabs
  3. After installation, invoke the skill by name or use /feishu-voice-elevenlabs
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
v1.1.0: Added speed control, voice config example, smart reply mode guidance
v1.0.0
Initial release: TTS send + STT receive for Feishu voice messages via ElevenLabs
Metadata
Slug feishu-voice-elevenlabs
Version 1.1.0
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Feishu Voice (ElevenLabs)?

Send and receive voice messages on Feishu (Lark) using ElevenLabs TTS and STT. Activate when user asks to send a voice message on Feishu, or when receiving a... It is an AI Agent Skill for Claude Code / OpenClaw, with 489 downloads so far.

How do I install Feishu Voice (ElevenLabs)?

Run "/install feishu-voice-elevenlabs" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Feishu Voice (ElevenLabs) free?

Yes, Feishu Voice (ElevenLabs) is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Feishu Voice (ElevenLabs) support?

Feishu Voice (ElevenLabs) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Feishu Voice (ElevenLabs)?

It is built and maintained by DongDong (@dongdongbear); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments