← Back to Skills Marketplace
vinzeny

Feishu Group Ops

by vinzeny · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
345
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install feishu-group-ops
Description
Manage Feishu (Lark) group chats using natural language. Use when the user wants to: add or remove group members, list groups or members, send a message to a...
README (SKILL.md)

Feishu Group Manager

Quick Reference

Operation Command Billed
Check permissions check_permissions Free
Get access token get_token Free
List all groups list_chats Free
Find group by name find_chat --name Free
List group members list_members --chat_id Free
Search user by name find_user --name Free
Add member to group add_member 0.002 USDT
Remove member remove_member 0.002 USDT
Send message send_message 0.002 USDT
Rename group rename_chat 0.002 USDT
Create group create_chat 0.002 USDT

When a write operation returns {"error": "payment_required", ...}: stop, show the message field to the user, and wait for them to top up before retrying.

First Use: Credential Check + Permission Verification

The user is already chatting via Feishu, so the app exists and credentials are configured. No need to ask them to set anything up.

Credentials are resolved automatically in this order:

  1. Environment variables FEISHU_APP_ID / FEISHU_APP_SECRET
  2. ~/.openclaw/openclaw.jsonchannels.feishu.accounts.\x3Cany>.appId / appSecret

On the first request of a session, run:

python3 {baseDir}/scripts/feishu.py check_permissions

If all_ok: true — proceed directly.

If all_ok: false — show the user a friendly message listing missing permissions and how to grant them, e.g.:

"Before I can manage your groups, your Feishu app needs a couple of extra permissions (takes ~2 min).

Missing:

  • im:chat.member — add/remove group members
  • contact:user.id:readonly — search members by name

Steps:

  1. Open https://open.feishu.cn/app and find your app
  2. Go to Permission Management → search and enable the permissions above
  3. Go to Version Management → create a new version → submit for review
  4. Once approved (usually a few minutes), let me know and I'll continue."

Re-run check_permissions after the user confirms. Cache the result for the session — only re-check if the user says they just updated permissions, or if Feishu returns error code 99991672.

Execution Flow

Step 1 — Understand intent

Confirm briefly in the user's language, e.g.: "Got it, I'll add Zhang San to the Marketing group."

Step 2 — Gather info

python3 {baseDir}/scripts/feishu.py get_token
python3 {baseDir}/scripts/feishu.py find_chat --token TOKEN --name "marketing"
python3 {baseDir}/scripts/feishu.py find_user --token TOKEN --name "Zhang San"

If multiple matches are returned, list them and ask the user to confirm.

Step 3 — Confirm before any write

"I'm about to add Zhang San (Marketing dept.) to Marketing Group. Confirm?"

Wait for confirmation before executing.

Step 4 — Execute and report

Success: "Done! Zhang San has been added to Marketing Group." Failure: Explain in plain language — never expose raw API errors.

Command Reference

# Check app permissions
python3 {baseDir}/scripts/feishu.py check_permissions

# Get tenant access token (auto-reads credentials)
python3 {baseDir}/scripts/feishu.py get_token

# List all groups
python3 {baseDir}/scripts/feishu.py list_chats --token TOKEN

# Find group by name (fuzzy)
python3 {baseDir}/scripts/feishu.py find_chat --token TOKEN --name "NAME"

# List group members
python3 {baseDir}/scripts/feishu.py list_members --token TOKEN --chat_id CHAT_ID

# Search user by name
python3 {baseDir}/scripts/feishu.py find_user --token TOKEN --name "NAME"

# Add member to group (billed)
python3 {baseDir}/scripts/feishu.py add_member \
  --token TOKEN --chat_id CHAT_ID \
  --target_user_id TARGET_UID --user_id CALLER_UID

# Remove member from group (billed)
python3 {baseDir}/scripts/feishu.py remove_member \
  --token TOKEN --chat_id CHAT_ID \
  --target_user_id TARGET_UID --user_id CALLER_UID

# Send message to group (billed)
python3 {baseDir}/scripts/feishu.py send_message \
  --token TOKEN --chat_id CHAT_ID --text "MESSAGE" --user_id CALLER_UID

# Rename group (billed)
python3 {baseDir}/scripts/feishu.py rename_chat \
  --token TOKEN --chat_id CHAT_ID --name "NEW NAME" --user_id CALLER_UID

# Create group and add members (billed)
python3 {baseDir}/scripts/feishu.py create_chat \
  --token TOKEN --name "GROUP NAME" --user_ids "uid1,uid2" --user_id CALLER_UID

--user_id is the caller's Feishu open_id — used for billing. Retrieve it from conversation context or from find_user results.

Error Handling

Error Response
Group not found "I couldn't find a group called 'X'. Could you give me the full name?"
User not found "I couldn't find anyone called 'X'. Please check the name or provide their email."
Feishu error 99991672 Re-run check_permissions and show missing permission guidance
Token expired Automatically re-call get_token and retry
Network error "There was a problem reaching Feishu. Please try again in a moment."
payment_required Show the message field (includes top-up link), stop, wait for user
Usage Guidance
Things to consider before installing: - Confirm you trust the publisher (homepage points to a placeholder GitHub). The metadata owner is unknown. - The skill will need your Feishu app credentials; it auto-reads FEISHU_APP_ID/FEISHU_APP_SECRET or ~/.openclaw/openclaw.json. Verify you are comfortable with the skill reading that file and that only expected Feishu credentials are present there. - The included script contacts a third‑party billing service (https://skillpay.me) and appears to contain a hard-coded API key inside the code. Ask the publisher why a key is embedded, who runs skillpay.me, and whether that key is meant to be public. Embedded keys are a red flag — they can indicate sloppy secrets handling or a backdoor. - If you plan to use billed actions, review the billing flow: the script posts user_id and amount to skillpay.me. Ensure the payment URL and billing provider are legitimate for your org. - Because the package contains runnable Python code, inspect scripts/feishu.py yourself (or have a security colleague do so) before installing. Look for any unexpected network calls or data exfiltration beyond Feishu and the billing host. - If you proceed, run in a restricted environment (sandbox or VM) first; or remove/replace the embedded API key and verify headers behavior. Also request that the publisher update the skill metadata to list the env vars/config path it actually uses. If you want, I can point out the exact lines in scripts/feishu.py that embed the API key and read ~/.openclaw/openclaw.json, and suggest a minimal safe checklist to validate before using the skill in production.
Capability Analysis
Type: OpenClaw Skill Name: feishu-group-ops Version: 1.0.1 The skill requires access to sensitive local configuration files (~/.openclaw/openclaw.json) to extract Feishu App IDs and Secrets. It implements a non-standard third-party billing mechanism via 'skillpay.me', which involves sending user identifiers to an external endpoint for every 'write' operation. Furthermore, scripts/feishu.py contains a hardcoded API key and a significant syntax/indentation error in the _skillpay_headers function that would cause the script to crash during authenticated requests to the billing service, indicating either poor code quality or an untested payment gate.
Capability Assessment
Purpose & Capability
The skill's name/description align with the code: scripts call Feishu APIs to list chats, find users, add/remove members, etc. However registry metadata declares no required environment variables or config paths, while both the SKILL.md and scripts explicitly expect FEISHU_APP_ID/FEISHU_APP_SECRET or ~/.openclaw/openclaw.json. This mismatch is surprising but can be explained by the author's design to auto-detect credentials.
Instruction Scope
Runtime instructions are concrete: run the provided Python script commands which will (a) read Feishu credentials from env or ~/.openclaw/openclaw.json, (b) call Feishu open-apis, and (c) call a third-party billing service (skillpay.me) for write actions. The script only appears to use the OpenClaw config to extract Feishu appId/appSecret (not other providers), but it will send the caller's user_id to skillpay.me for billing — that transmission is within the stated billing behavior but should be expected by the user.
Install Mechanism
There is no install spec (instruction-only skill) but the package includes an executable Python script that the agent will run. No remote downloads or archive extraction are present. Running included code locally is normal but does mean the script will execute on the host when invoked.
Credentials
The script uses FEISHU_APP_ID and FEISHU_APP_SECRET and reads ~/.openclaw/openclaw.json but the registry entry did not declare these required env/config items. More importantly, the code embeds a long string that appears to be a SkillPay API key (sk_....) inside _skillpay_headers — an embedded secret in published code is suspicious (it can leak or be reused maliciously). The skill also transmits user_id and billing requests to skillpay.me; sending the caller's OpenID and charge info to a third party is expected for billing but heightens privacy/risk and users should verify the billing endpoint and key ownership before use.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request permanent platform privileges. It does read a local OpenClaw config file and environment variables (for credentials) which is expected for this functionality. There is no evidence it modifies other skills or system-wide settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install feishu-group-ops
  3. After installation, invoke the skill by name or use /feishu-group-ops
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
feishu-group-ops 1.0.1 - SKILL.md rewritten for brevity and clarity in English - Usage instructions and examples made more concise - Command and billing tables added for quick reference - Retains all previous features and logic; no functional changes - No code or functionality changes—documentation only
v1.0.0
feishu-group-ops 1.0.0 - 初始发布:用自然语言管理飞书群组,无需技术知识。 - 自动读取飞书凭证,首次使用自动检测权限,缺失权限时自动友好引导开通。 - 支持查找群组、查看成员、拉人入群、移除成员、发群消息、改群名、建群。
Metadata
Slug feishu-group-ops
Version 1.0.1
License MIT-0
All-time Installs 1
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Feishu Group Ops?

Manage Feishu (Lark) group chats using natural language. Use when the user wants to: add or remove group members, list groups or members, send a message to a... It is an AI Agent Skill for Claude Code / OpenClaw, with 345 downloads so far.

How do I install Feishu Group Ops?

Run "/install feishu-group-ops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Feishu Group Ops free?

Yes, Feishu Group Ops is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Feishu Group Ops support?

Feishu Group Ops is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Feishu Group Ops?

It is built and maintained by vinzeny (@vinzeny); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments