← Back to Skills Marketplace
Feishu Media
by
a1024708231
· GitHub ↗
· v1.1.1
· MIT-0
109
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install feishu-media-new
Description
飞书媒体文件发送技能。适用于:发送文件、图片、URL图片、视频、音频、语音消息,以及打包压缩后发送。当用户要求在飞书中发送任何类型的媒体文件时激活此技能。
README (SKILL.md)
飞书媒体发送技能
通过 message 工具向飞书发送各类媒体文件。
核心用法
所有媒体发送都通过 message 工具的 action=send,关键参数:
channel: feishutarget:chat:群ID或user:open_id(省略则回复当前会话)message: 附带的文字说明(可选)filePath: 本地文件路径(注意:飞书频道可能不支持)media: URL 地址(网络图片/文件)
1. 发送本地文件(PDF/DOC/XLS/PPT/TXT等)
message action=send channel=feishu filePath=/path/to/file.pdf message="文件说明"
支持格式:pdf, doc/docx, xls/xlsx, ppt/pptx, txt, csv, zip, tar.gz 等。
2. 发送本地图片
message action=send channel=feishu filePath=/path/to/image.png message="图片说明"
支持格式:jpg, jpeg, png, gif, webp, bmp。
3. 发送 URL 图片
message action=send channel=feishu media=https://example.com/image.png message="网络图片"
4. 发送视频(重要:需要用 exec+curl 方式)
⚠️ 注意:OpenClaw 飞书频道的 filePath 参数不支持本地视频文件。
需要用以下 exec+curl 方式发送视频:
# 1. 获取 tenant_access_token(需要飞书应用的 appId 和 appSecret)
TOKEN_RESP=$(curl -s -X POST "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal" \
-H "Content-Type: application/json" \
-d '{"app_id":"你的appId","app_secret":"你的appSecret"}')
TOKEN=$(echo $TOKEN_RESP | grep -o '"tenant_access_token":"[^"]*"' | cut -d'"' -f4)
# 2. 上传视频文件(必须用 file_type=stream)
curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/files" \
-H "Authorization: Bearer $TOKEN" \
-F "file_type=stream" \
-F "file_name=视频文件名.mp4" \
-F "file=@/path/to/video.mp4"
# 3. 用返回的 file_key 发送消息
curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=open_id" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"receive_id": "用户的open_id",
"msg_type": "file",
"content": "{\"file_key\":\"返回的file_key\"}"
}'
关键点:
- 上传时
file_type必须用stream,不能用mp4 - 发送时
msg_type用file - 视频会以文件附件形式发送(不是内嵌播放)
支持格式:mp4, mov, avi。
5. 发送音频(非语音)
MP3 等音频文件作为普通文件发送:
message action=send channel=feishu filePath=/path/to/audio.mp3 message="音频文件"
6. 发送语音消息(可播放的语音条)
语音消息需要 Ogg/Opus 格式。飞书会显示为可播放的语音条。
6.1 直接发送 opus/ogg 文件
message action=send channel=feishu filePath=/path/to/voice.opus message="语音消息"
6.2 从 MP3 转换后发送
先用 ffmpeg 转换格式:
ffmpeg -i input.mp3 -ar 16000 -ac 1 -acodec libopus output.ogg -y
然后发送 output.ogg。
6.3 技术细节
语音消息的底层流程:
- 上传:
im.file.create,file_type: "opus",需带duration(毫秒) - 发送:
msg_type: "audio",content:{"file_key":"xxx","duration":3007} - duration 由 ffprobe 自动获取,无需手动指定
7. 打压缩包后发送
当需要发送多个文件或不支持的格式时,先打包再发送:
7.1 打 zip 包
zip -j /tmp/archive.zip /path/to/file1 /path/to/file2
7.2 打 tar.gz 包
tar czf /tmp/archive.tar.gz -C /path/to/dir .
7.3 发送压缩包
message action=send channel=feishu filePath=/tmp/archive.zip message="打包文件"
格式支持速查表
| 类型 | 格式 | 发送方式 | 飞书显示 |
|---|---|---|---|
| 图片 | jpg/png/gif/webp | filePath 或 media(URL) | 内嵌图片 |
| 文档 | pdf/doc/xls/ppt | filePath | 文件卡片 |
| 视频 | mp4/mov/avi | exec+curl (file_type=stream) | 文件卡片 |
| 音频 | mp3/wav/flac | filePath | 文件卡片 |
| 语音 | opus/ogg | filePath | 可播放语音条 |
| 压缩包 | zip/tar.gz | filePath | 文件卡片 |
| 网络图片 | URL | media | 内嵌图片 |
注意事项
- 文件大小限制:默认 30MB
- 语音必须是 Ogg/Opus 格式才能显示为语音条,其他音频格式只能作为文件发送
- 需要 ffmpeg/ffprobe 支持语音格式转换和时长检测
- 飞书应用需要
im:message、im:resource权限 - 视频发送:OpenClaw 飞书频道的
filePath不支持本地视频,必须用 exec+curl 方式上传后发送
Usage Guidance
This skill appears to implement Feishu media-sending correctly, but the SKILL.md requires Feishu app credentials (app_id/app_secret to obtain tenant_access_token) and local tools (ffmpeg/ffprobe) while the metadata declares none — that mismatch is the main concern. Before installing or using this skill: (1) verify the skill author/source and prefer skills that declare required env vars/binaries in metadata; (2) only provide a Feishu app_id/app_secret scoped to a test/non-production app with the minimal permissions (im:message, im:resource) and rotate/revoke after testing; (3) ensure ffmpeg/ffprobe are installed from trusted packages if needed; (4) inspect any exec+curl commands to confirm they target official open.feishu.cn endpoints and not an attacker-controlled host; (5) if you cannot verify the author, avoid entering real credentials — ask the author to update metadata to list required env vars and required binaries and to provide guidance for secure credential handling.
Capability Analysis
Type: OpenClaw Skill
Name: feishu-media-new
Version: 1.1.1
The skill instructions in SKILL.md direct the AI agent to perform high-risk operations, including executing shell commands via 'exec' for curl, ffmpeg, and compression tools (zip/tar). Specifically, it provides templates for the agent to handle sensitive Feishu credentials (appId and app_secret) and construct shell-based API calls to 'open.feishu.cn'. While these actions are aligned with the stated purpose of sending media to Feishu, the pattern of using raw shell execution instead of structured tools creates a significant surface for shell injection vulnerabilities if the agent processes unsanitized input.
Capability Assessment
Purpose & Capability
The name and description (Feishu media sending) align with the runtime instructions (sending files, images, audio, video via Feishu APIs). However, the instructions require a Feishu app_id/app_secret to obtain a tenant_access_token and require ffmpeg/ffprobe for audio conversion — none of these are declared in the skill metadata (no required env vars, no required binaries). This mismatch is disproportionate to the declared metadata and is an incoherence.
Instruction Scope
The SKILL.md stays within the domain of sending media to Feishu and uses only Feishu API endpoints. However, it instructs the agent to run shell commands (exec+curl), to read local file paths, and to accept app_id/app_secret (used to fetch tenant_access_token). Those instructions reference credentials and local tools not declared by the skill, which expands the agent's scope unexpectedly. The instructions do not describe safe handling/storage of the credentials.
Install Mechanism
No install spec and no code files are present (instruction-only). This limits the skill's disk footprint and attack surface since nothing is automatically downloaded or executed beyond what the agent runs at runtime.
Credentials
The SKILL.md requires app_id/app_secret (to get tenant_access_token) and local binaries (ffmpeg/ffprobe) for proper operation, but the declared metadata lists no required environment variables or binaries. Requiring API credentials and local tools is reasonable for the feature, but failing to declare them is a red flag: users won't be warned up-front and may be prompted to enter sensitive credentials at runtime without clear provenance.
Persistence & Privilege
The skill does not request persistent installation (always:false), does not modify other skills, and has no install steps that change system or agent configuration. Autonomous invocation is allowed by default but is not in itself excessive here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install feishu-media-new - After installation, invoke the skill by name or use
/feishu-media-new - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
更新飞书视频发送方式说明;明确指出需要用 exec+curl 方式发送视频
Metadata
Frequently Asked Questions
What is Feishu Media?
飞书媒体文件发送技能。适用于:发送文件、图片、URL图片、视频、音频、语音消息,以及打包压缩后发送。当用户要求在飞书中发送任何类型的媒体文件时激活此技能。 It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.
How do I install Feishu Media?
Run "/install feishu-media-new" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Feishu Media free?
Yes, Feishu Media is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Feishu Media support?
Feishu Media is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Feishu Media?
It is built and maintained by a1024708231 (@a1024708231); the current version is v1.1.1.
More Skills