← Back to Skills Marketplace
moistenxx

飞书图片发送

by Moistenxx · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
118
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install feishu-img-send-mx
Description
直接通过飞书开放平台 API 发送图片(绕过 OpenClaw 插件的限制),而非以文件附件形式发送。使用场景:需要发送截图、二维码等图片给用户时。
README (SKILL.md)

feishu-image-sender

通过飞书开放平台 API 直接发送图片到用户,图片以内嵌方式显示,而非文件附件。

核心逻辑

两步走:

  1. 上传图片到飞书服务器,获取 image_key
  2. image_key 发一条 image 类型消息

操作步骤

第一步:获取 Access Token

curl -s -X POST "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal" \
  -H "Content-Type: application/json" \
  -d '{"app_id":"\x3CAPP_ID>","app_secret":"\x3CAPP_SECRET>"}'

响应:{"code":0,"tenant_access_token":"t-xxx","expire":3339}

记录返回的 tenant_access_token

第二步:上传图片

curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/images" \
  -H "Authorization: Bearer \x3Ctenant_access_token>" \
  -F "image_type=message" \
  -F "image=@/path/to/image.png"

响应:{"code":0,"data":{"image_key":"img_v3_xxx"},"msg":"success"}

记录返回的 image_key

第三步:发送图片消息

curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=open_id" \
  -H "Authorization: Bearer \x3Ctenant_access_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "receive_id": "\x3Copen_id>",
    "msg_type": "image",
    "content": "{\"image_key\":\"\x3Cimage_key>\"}"
  }'

receive_id 可选 open_id(用户唯标识)、chat_id(群会话)、user_idunion_id

响应成功:{"code":0,"data":{"message_id":"om_xxx",...}}

完整示例(单次执行)

#!/bin/bash
# 参数
IMAGE_PATH="$1"
OPEN_ID="$2"
APP_ID="cli_a924632610b8dbd9"
APP_SECRET="c3TXscIJPF1f8jcQ4mJJegNVk72ktbwK"

# 1. 获取 token
TOKEN=$(curl -s -X POST "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal" \
  -H "Content-Type: application/json" \
  -d "{\"app_id\":\"$APP_ID\",\"app_secret\":\"$APP_SECRET\"}" | \
  python3 -c "import sys,json; print(json.load(sys.stdin)['tenant_access_token'])")

# 2. 上传图片
IMAGE_KEY=$(curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/images" \
  -H "Authorization: Bearer $TOKEN" \
  -F "image_type=message" \
  -F "image=@$IMAGE_PATH" | \
  python3 -c "import sys,json; print(json.load(sys.stdin)['data']['image_key'])")

# 3. 发送图片
curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=open_id" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d "{\"receive_id\":\"$OPEN_ID\",\"msg_type\":\"image\",\"content\":\"{\\\"image_key\\\":\\\"$IMAGE_KEY\\\"}\"}"

echo "Done: $IMAGE_KEY"

工具调用封装(Node.js)

const fs = require('fs');
const path = require('path');

async function feishuSendImage(imagePath, openId, appId, appSecret) {
  // 1. get token
  const tokenRes = await fetch('https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ app_id: appId, app_secret: appSecret })
  });
  const { tenant_access_token } = await tokenRes.json();

  // 2. upload image
  const imageBuffer = fs.readFileSync(imagePath);
  const uploadRes = await fetch('https://open.feishu.cn/open-apis/im/v1/images', {
    method: 'POST',
    headers: { 'Authorization': `Bearer ${tenant_access_token}` },
    body: (() => {
      const form = new FormData();
      form.append('image_type', 'message');
      form.append('image', new Blob([imageBuffer]), path.basename(imagePath));
      return form;
    })()
  });
  const { data: { image_key } } = await uploadRes.json();

  // 3. send image message
  const sendRes = await fetch(`https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=open_id`, {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${tenant_access_token}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      receive_id: openId,
      msg_type: 'image',
      content: JSON.stringify({ image_key })
    })
  });
  return sendRes.json();
}

限制与注意事项

  • 图片大小限制:每个文件最大 30MB
  • 支持格式:jpg、png、gif、webp、bmp、heic
  • token 有效期 2 小时,超时需重新获取
  • receive_id_type 必须与 receive_id 匹配(open_id / user_id / chat_id / union_id)
  • 图片消息不能通过 web 预览,必须是桌面端或手机端才能直接查看
Usage Guidance
This skill does what it says (uploads a local image and sends it via Feishu APIs), but it has an important inconsistency: the documentation uses app_id/app_secret yet the skill metadata doesn't declare any required credentials. Also SKILL.md includes an APP_ID and APP_SECRET in plaintext — verify whether those values are real before using the skill. Before installing: (1) ask the author to declare required credentials (e.g., APP_ID/APP_SECRET) in the metadata and remove any embedded secrets from examples; (2) if you test, use throwaway Feishu app credentials and rotate them afterwards; (3) provide credentials via environment variables or a secret manager rather than embedding in scripts; (4) be aware the agent reads a local file (image) and uploads it to Feishu servers — do not use with sensitive images unless you trust the destination and credentials; (5) if you find the included APP_ID/APP_SECRET are valid, treat them as leaked and rotate them immediately.
Capability Analysis
Type: OpenClaw Skill Name: feishu-img-send-mx Version: 1.0.0 The skill bundle contains hardcoded sensitive credentials (APP_ID and APP_SECRET) for the Feishu (Lark) platform within the SKILL.md file. It instructs the AI agent to use these credentials to upload and send images, which is a significant security risk and could lead to credential abuse or unauthorized data handling. Additionally, the documentation explicitly mentions 'bypassing OpenClaw plugin limitations,' indicating an intent to circumvent platform-level security or functional constraints when interacting with the Feishu API (open.feishu.cn).
Capability Assessment
Purpose & Capability
The skill's name and description (send images via Feishu Open Platform) align with the runtime instructions (obtain tenant token, upload image, send image message). However, the SKILL.md demonstrates use of an APP_ID and APP_SECRET while the registry metadata declares no required environment variables or primary credential; that's an inconsistency between what the skill needs and what it advertises.
Instruction Scope
The instructions are narrowly scoped to obtaining a tenant_access_token, uploading a local image file, and sending it via Feishu APIs — which is expected. They do instruct reading a local file (image path) and transmitting it to Feishu servers, which is necessary for the task. However the examples show hard-coded credentials in the script, which broadens the security surface and risks accidental secret disclosure.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That is the lowest-risk install model and is coherent with its purpose.
Credentials
The SKILL.md requires app_id and app_secret to obtain tokens, but the skill declares no required env vars or primary credential. Additionally, the SKILL.md contains a concrete APP_ID and APP_SECRET example embedded in plaintext — if those are real, they represent credential leakage; even if placeholders, embedding credentials in examples is a risky practice. The skill should explicitly declare required credentials and recommend secure handling (env vars, secret store).
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or system configs. Model invocation is allowed (normal). No elevated persistence or cross-skill configuration changes are present.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install feishu-img-send-mx
  3. After installation, invoke the skill by name or use /feishu-img-send-mx
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
首次发布:通过飞书开放平台 API 直接发送图片(内嵌而非附件)
Metadata
Slug feishu-img-send-mx
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is 飞书图片发送?

直接通过飞书开放平台 API 发送图片(绕过 OpenClaw 插件的限制),而非以文件附件形式发送。使用场景:需要发送截图、二维码等图片给用户时。 It is an AI Agent Skill for Claude Code / OpenClaw, with 118 downloads so far.

How do I install 飞书图片发送?

Run "/install feishu-img-send-mx" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 飞书图片发送 free?

Yes, 飞书图片发送 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 飞书图片发送 support?

飞书图片发送 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 飞书图片发送?

It is built and maintained by Moistenxx (@moistenxx); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments