← Back to Skills Marketplace
wangzhi8145

openclaw自动化配置飞书,几乎不要人手动干预,测试成功

by wangzhi8145 · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
362
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install feishuskills
Description
Automates Feishu integration with minimal manual input by handling authentication, messaging, events, APIs, error recovery, and fallback solutions.
README (SKILL.md)

Feishu Integration Problem Solver

This skill automatically solves Feishu integration problems by researching official documentation, finding community solutions, and implementing the most reliable automation approach.

Capabilities

  • Authentication & Authorization: Handles app_id/app_secret setup, tenant access tokens, user access tokens, and bot access tokens
  • Message Handling: Supports text, rich text, cards, and file messages with proper formatting
  • Event Processing: Webhook event handling with signature verification and proper response format
  • API Integration: Comprehensive support for Feishu's service APIs including docs, drive, wiki, calendar, etc.
  • Error Handling: Intelligent error diagnosis and recovery for common issues like token expiration, permission errors, and rate limiting
  • Fallback Strategies: When complete automation isn't possible, provides alternative approaches and manual workarounds

Usage

Basic Integration Setup

When users mention Feishu integration issues, this skill will:

  1. Analyze the specific problem (authentication, messaging, API calls, etc.)
  2. Check if they have proper app credentials configured
  3. Implement the appropriate solution based on the use case
  4. Provide fallback options if automation isn't possible

Supported Scenarios

  • Bot Development: Creating interactive bots that respond to messages and events
  • Document Automation: Reading/writing Feishu documents and cloud files
  • Workflow Integration: Connecting Feishu with external systems and services
  • Permission Management: Handling sharing and collaboration permissions
  • Knowledge Base Access: Reading and managing Feishu wiki/knowledge base content

Implementation Details

Authentication Flow

The skill implements the standard Feishu authentication flow:

  1. App Credentials: Uses FEISHU_APP_ID and FEISHU_APP_SECRET from environment or configuration
  2. Tenant Token: Automatically obtains and caches tenant access tokens with proper refresh logic
  3. User Tokens: Handles OAuth flows when user-specific actions are required
  4. Bot Tokens: Manages bot access tokens for messaging capabilities

Error Recovery

Common error scenarios and their solutions:

  • Token Invalid (99991663): Automatically refreshes expired tokens
  • Permission Denied (99991672): Guides users through permission setup in Feishu admin console
  • Rate Limiting: Implements exponential backoff with jitter
  • Network Issues: Provides retry logic with circuit breaker patterns

Fallback Strategies

When automation isn't possible:

  1. Manual Configuration Guide: Step-by-step instructions for manual setup
  2. Alternative APIs: Suggests different API endpoints or approaches
  3. Web Interface Workaround: Provides guidance for using Feishu web interface as alternative
  4. Community Solutions: References relevant GitHub repositories and community examples

Dependencies

This skill leverages existing Feishu skills when available:

  • feishu-doc: For document operations
  • feishu-drive: For cloud storage management
  • feishu-perm: For permission handling
  • feishu-wiki: For knowledge base operations

If these skills aren't available, it implements basic functionality directly using Feishu's REST APIs.

Security Considerations

  • Credential Management: Never logs or exposes app secrets
  • Token Storage: Caches tokens securely with automatic expiration
  • Input Validation: Validates all inputs to prevent injection attacks
  • Rate Limiting: Respects Feishu's API rate limits to avoid account restrictions

Testing & Validation

The skill includes built-in validation:

  • Connection Test: Verifies app credentials and basic connectivity
  • Permission Check: Validates required permissions before attempting operations
  • Mock Mode: Allows testing without making actual API calls (for development)
  • Diagnostic Output: Provides detailed logs for troubleshooting

Examples

Example 1: Bot Message Handling

User: "My Feishu bot isn't receiving messages"
Skill: Checks webhook configuration, verifies signature validation, tests message routing

Example 2: Document Access

User: "I can't read Feishu documents programmatically"  
Skill: Implements document reading with proper authentication, handles permission errors, suggests alternative approaches

Example 3: Permission Issues

User: "Getting permission denied when trying to share files"
Skill: Guides through permission setup, implements proper sharing workflow, provides manual workaround
Usage Guidance
This skill appears to be a reasonable Feishu integration helper, but several inconsistencies mean you should audit it before use. Specifically: (1) confirm how you are expected to provide credentials—SKILL.md/config expect app_id and app_secret, but the registry metadata incorrectly lists no required env vars; don't assume the platform will inject credentials automatically. (2) Inspect the code (solve_feishu_integration.py) to verify that secrets are never logged or written to disk and to see how tokens are cached; run it in a safe/test environment first. (3) Note the dependency name mismatch (skill.json vs requirements.txt) and ensure you install the correct packages. (4) Because the skill performs network calls (token requests, documentation/community lookups) run it in an environment where outbound requests are allowed and monitored, or block outbound connections during initial testing. (5) If you must provide real production app credentials, consider creating a limited-permission test app and not reuse high-privilege credentials until you’ve reviewed behavior. If you want, I can point out exact places in the code to inspect for secret-logging or token-storage behavior.
Capability Analysis
Type: OpenClaw Skill Name: feishuskills Version: 1.0.0 The skill bundle is classified as suspicious because it generates and writes executable code to the local filesystem (`scripts/solve_feishu_integration.py`) using unsanitized user input, which creates a significant risk of code injection. Although the `SKILL.md` documentation explicitly claims to perform input validation to prevent injection attacks, the actual implementation uses simple string replacement to insert configuration values into code templates. The skill also handles sensitive Feishu credentials and performs network requests, which are high-risk capabilities, though they are consistent with the stated purpose of automating Feishu integrations.
Capability Assessment
Purpose & Capability
The skill's declared registry metadata lists no required environment variables, but SKILL.md and config_schema.json clearly require Feishu credentials (app_id/app_secret and optional tokens, webhook_url). Requesting Feishu app credentials is appropriate for this skill, but the registry metadata omission is inconsistent and misleading.
Instruction Scope
SKILL.md stays within Feishu integration scope (auth flows, webhook handling, API calls). It instructs the agent to obtain and cache tokens, validate webhooks, and consult docs/community examples (i.e., network access). There are no instructions to read unrelated system files, but the skill claims 'never logs or exposes app secrets' and 'caches tokens securely'—those are promises, not enforced by metadata; you should review implementation to confirm they are honored.
Install Mechanism
No install spec (instruction-only) which reduces install-time risk. The package includes Python scripts and a requirements.txt listing common packages (lark-oapi, requests, pydantic). However, skill.json lists a slightly different dependency name ('lark-api' vs requirements.txt 'lark-oapi'), indicating packaging/metadata drift that could cause installation confusion.
Credentials
The skill legitimately needs Feishu credentials (app_id, app_secret, verification_token, webhook_url) and the config schema requires app_id/app_secret. However, the registry metadata's 'Required env vars: none' contradicts that. Examples and SKILL.md also reference storing logs to files—if logging is implemented poorly, secrets could leak to disk. Overall credential requests are expected for purpose, but the metadata inconsistency and unspecified token storage behavior are concerning.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does create a 'solutions' workspace directory (solve_feishu_integration.py) which means it will write files in the working directory; this is normal for a tool that generates code. No automatic modifications of other skills or system-wide settings are indicated.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install feishuskills
  3. After installation, invoke the skill by name or use /feishuskills
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Feishu Integration Problem Solver initial release: - Automatically diagnoses and resolves common Feishu integration issues. - Supports authentication, authorization, messaging, events, API calls, and permission management. - Handles error recovery, including token refresh, permission guidance, rate limiting, and network retry logic. - Provides fallback strategies: manual guides, alternative APIs, web interface workarounds, and community-sourced solutions. - Integrates with related Feishu skills when available; implements features directly if not. - Strong security and validation practices: secure credential handling, input validation, mock mode, and diagnostic output.
Metadata
Slug feishuskills
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is openclaw自动化配置飞书,几乎不要人手动干预,测试成功?

Automates Feishu integration with minimal manual input by handling authentication, messaging, events, APIs, error recovery, and fallback solutions. It is an AI Agent Skill for Claude Code / OpenClaw, with 362 downloads so far.

How do I install openclaw自动化配置飞书,几乎不要人手动干预,测试成功?

Run "/install feishuskills" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is openclaw自动化配置飞书,几乎不要人手动干预,测试成功 free?

Yes, openclaw自动化配置飞书,几乎不要人手动干预,测试成功 is completely free (open-source). You can download, install and use it at no cost.

Which platforms does openclaw自动化配置飞书,几乎不要人手动干预,测试成功 support?

openclaw自动化配置飞书,几乎不要人手动干预,测试成功 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created openclaw自动化配置飞书,几乎不要人手动干预,测试成功?

It is built and maintained by wangzhi8145 (@wangzhi8145); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments