← Back to Skills Marketplace
zhuligu

feishu-doc-editor

by token · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1965
Downloads
1
Stars
17
Active Installs
1
Versions
Install in OpenClaw
/install feishu-doc-editor
Description
Feishu document creation and editing operations using OpenAPI. Activate when user needs to create, edit, or read Feishu documents programmatically.
README (SKILL.md)

Feishu Document Editor Skill

This skill provides comprehensive guidance for creating and editing Feishu documents using the Feishu OpenAPI.

Prerequisites

1. App Creation and Configuration

Create enterprise self-built app: Login to Feishu Open Platform, create an app and add "Bot" capability.

Apply for API permissions: In "Permission Management", apply for the following permissions:

  • Document editing: docx:document:write_only
  • Document viewing: docx:document:readonly

Publish app: Submit version and publish, ensuring the app coverage includes target users/departments.

2. Get Access Token

Call the self-built app get tenant_access_token interface:

curl -X POST https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal \
  -H "Content-Type: application/json" \
  -d '{"app_id": "your_app_id", "app_secret": "your_app_secret"}'

Response example:

{
  "code": 0,
  "tenant_access_token": "t-xxx",
  "expire": 7200
}

Core Operations

Extract Document ID

Get document_id from document URL:

Example URL: https://bigdatacenter.feishu.cn/docx/HpK2dtGu9omhMAxV12zcB6i7ngd

document_id = HpK2dtGu9omhMAxV12zcB6i7ngd

Grant App Document Permission

Manually add collaborator:

  • Open document in Feishu client → Click "..." in top right → "More" → "Add document app"
  • Search and add your app, grant "Can edit" permission.

Write Text Content

Interface: Create Block

  • Path parameters: document_id = document ID, block_id = document ID (root node is the document itself)

  • Request headers:

    Authorization: Bearer {tenant_access_token}
Content-Type: application/json

  • Request body example (write "hello"):

    {
  "index": -1,
  "children": [
    {
      "block_type": 2,
      "text": {
        "elements": [
          {
            "text_run": {
              "content": "hello"
            }
          }
        ]
      }
    }
  ]
}

Read Document Content

Interface: Get Document Plain Text

curl -X GET "https://open.feishu.cn/open-apis/docx/v1/documents/{document_id}/plaintext" \
  -H "Authorization: Bearer {tenant_access_token}"

Response example:

{
  "code": 0,
  "data": {
    "content": "Document text content here"
  }
}

Common Issues

1. Permission Error (403 Forbidden)

  • Diagnosis: App not added as document collaborator, or tenant_access_token is invalid.
  • Solution: Re-add app as collaborator, or re-get tenant_access_token.

2. Missing Access Token (99991661)

  • Diagnosis: Request header does not carry Authorization: Bearer {token}.
  • Solution: Ensure tenant_access_token is correctly added to request header.

3. Document Not Found (404 Not Found)

  • Diagnosis: document_id is incorrect or document has been deleted.
  • Solution: Re-extract document_id from document URL.

Reference Documentation

  • Create Block Interface
  • Get Document Plain Text Interface
  • Permission Configuration Guide

Through the above steps, you can achieve editing Feishu documents via API, supporting add/delete/modify/query operations for multiple content types including text, tables, and images.

Usage Guidance
This skill appears to be a legitimate Feishu doc API guide, but its metadata omits the fact that you must supply app credentials. Before installing or using it: (1) expect to provide sensitive values (app_id/app_secret) or a tenant_access_token — do not paste these into public chats; (2) review any scripts you run so they don't print or log full tokens (examples log to /tmp and echo tokens); (3) follow least-privilege: create an app with only the required doc permissions and limit its scope; (4) prefer generating a tenant_access_token at runtime (short-lived) and avoid storing permanent secrets in plaintext; (5) if you need offline/manual verification, confirm how the agent will accept credentials (environment variables, direct input, or other) — the skill metadata should be updated to declare required env vars before you rely on it.
Capability Analysis
Type: OpenClaw Skill Name: feishu-doc-editor Version: 1.0.0 The skill bundle provides extensive instructions and `bash` examples for interacting with the Feishu OpenAPI, including obtaining access tokens, reading, writing, updating, and deleting document content. While the stated purpose is legitimate, the numerous `curl` and shell script examples (e.g., in `references/api-guide.md`, `references/common-errors.md`) introduce a significant risk of shell injection if the OpenClaw agent does not rigorously sanitize user-provided inputs before executing these commands. Additionally, the `log_error` function in `references/common-errors.md` performs file write operations to `/tmp/feishu_api_errors.log`, which, while intended for debugging, represents a capability that could be misused if parameters were controllable. These capabilities, though plausibly needed for the skill's function, elevate the classification to suspicious due to the potential for exploitation in an AI agent execution environment.
Capability Assessment
Purpose & Capability
The name/description (Feishu document create/edit via OpenAPI) match the included SKILL.md and reference docs. However, the skill metadata declares no required environment variables or primary credential even though all runtime examples require an app_id/app_secret (to obtain tenant_access_token) or an existing tenant_access_token. That missing declaration is an incoherence: a Feishu API integration legitimately needs credentials but the skill metadata does not request them.
Instruction Scope
SKILL.md and the reference files contain concrete, scoped instructions for obtaining a tenant_access_token, calling Feishu doc APIs (create/read/update/delete blocks), and configuring app/document permissions. The instructions do not direct the agent to read unrelated system files or call external endpoints beyond open.feishu.cn. However, examples and debug snippets write logs (e.g., /tmp/feishu_api_errors.log) and show printing token values — these examples could lead to accidental secret exposure if adopted as-is.
Install Mechanism
Instruction-only skill with no install spec and no code files to be executed or downloaded. This minimizes install-time risk.
Credentials
The skill requires sensitive credentials at runtime (app_id/app_secret or a tenant_access_token) but the registry metadata lists no required env vars or primary credential. The reference scripts use variables like APP_ID, APP_SECRET, TOKEN and suggest storing/printing them. Absence of declared credential requirements is disproportionate and misleading; users need to know what secrets they must supply and how the skill will handle them.
Persistence & Privilege
always is false, no install actions, and the skill does not request persistent system privileges or change other skills' configs. There is no evidence it attempts to persist itself or gain elevated privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install feishu-doc-editor
  3. After installation, invoke the skill by name or use /feishu-doc-editor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the Feishu Document Editor skill. - Supports programmatic creation, editing, and reading of Feishu documents using the Feishu OpenAPI. - Provides step-by-step setup: app creation, permission assignment, and token generation. - Includes detailed instructions for adding the app as a collaborator and managing document permissions. - Explains API usage for both writing and reading document content with example requests and responses. - Documents common error scenarios and their solutions for smoother troubleshooting.
Metadata
Slug feishu-doc-editor
Version 1.0.0
License
All-time Installs 18
Active Installs 17
Total Versions 1
Frequently Asked Questions

What is feishu-doc-editor?

Feishu document creation and editing operations using OpenAPI. Activate when user needs to create, edit, or read Feishu documents programmatically. It is an AI Agent Skill for Claude Code / OpenClaw, with 1965 downloads so far.

How do I install feishu-doc-editor?

Run "/install feishu-doc-editor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is feishu-doc-editor free?

Yes, feishu-doc-editor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does feishu-doc-editor support?

feishu-doc-editor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created feishu-doc-editor?

It is built and maintained by token (@zhuligu); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments