← 返回 Skills 市场

Agent Feishu Doc

Name: Agent Feishu Doc
Author: jmin1113

作者 JMin1113 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install agent-feishu-doc

功能描述

Guide for OpenClaw agents to create, read, and edit Feishu/Lark documents via API. Use when: (1) creating a new Feishu doc and writing content, (2) reading a...

使用说明 (SKILL.md)

Agent Feishu Doc Guide

Quick Reference

Operation	API Endpoint
Create doc	`POST /drive/v1/documents`
Get doc metadata	`GET /drive/v1/documents/{id}`
Get doc blocks	`GET /drive/v1/documents/{id}/blocks`
Add blocks	`POST /drive/v1/documents/{id}/blocks/{parent_id}/children`
Set public perm	`PATCH /drive/v1/permissions/{id}/public?type=docx`

Workflow

1. Create Document

curl -X POST "https://open.feishu.cn/open-apis/drive/v1/documents" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{"title": "文档标题"}'

2. Write Content (Block API)

curl -X POST "https://open.feishu.cn/open-apis/drive/v1/documents/{doc_id}/blocks/{block_id}/children" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{"children": [{"block_type": 2, "text": {"elements": [{"text_run": {"content": "内容"}}]}}]}'

Block types: 2=text, 3=h1, 4=h2, 7=bullet (⚠️ may error, use text instead)

3. Set Public Permissions

curl -X PATCH "https://open.feishu.cn/open-apis/drive/v1/permissions/{doc_id}/public?type=docx" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "link_share_entity": "anyone_editable",
    "external_access_entity": "anyone_can_edit",
    "security_entity": "anyone_can_edit",
    "comment_entity": "anyone_can_edit",
    "share_entity": "anyone"
  }'

Reading Docs

By URL: Use web_fetch tool on https://feishu.cn/docx/{doc_id}
By ID: Call GET /drive/v1/documents/{id} then /blocks

Prerequisites

Agent's Feishu app must be added as doc collaborator, OR doc set to public
For cross-agent collaboration: set tools.sessions.visibility: "all" in openclaw.json

Troubleshooting

Cannot access doc: Add agent's app as collaborator in Feishu, or set doc to public
Block API error 9499: Avoid block_type: 7 (bullet), use plain text blocks instead
Cross-agent visibility: Add "tools": {"sessions": {"visibility": "all"}} to openclaw.json

For detailed API specs, permissions guide, and example workflows, see references/guide.md.

安全使用建议

This guide appears to implement correct Feishu API calls, but there are three things to consider before installing/using it: 1) Missing credential declaration: The docs require a Feishu app_id and app_secret (to obtain a tenant_access_token), but the skill metadata does not declare any required credentials. Ask the publisher to explicitly list the required env vars/primary credential. Treat app_secret like any secret: store it only in a secure location and rotate if reused. 2) Public docs and cross-agent visibility are risky: The instructions recommend setting docs to "anyone_editable" and enabling tools.sessions.visibility="all" in openclaw.json. Both actions increase exposure — they may leak sensitive content to other agents or external users. Prefer granting the agent's app collaborator access to specific docs or using least-privilege share links instead of global public-edit settings. Only enable sessions.visibility across agents if you understand and accept the privacy implications. 3) Operational best practices: Use a dedicated Feishu bot/tenant with minimal permissions for automation, limit token lifetime, avoid making sensitive documents public, and review openclaw.json changes with an administrator. If you need higher assurance, request the publisher to (a) declare required credentials in the skill metadata, (b) provide a changelog or provenance for the guide, and (c) avoid instructing blanket config changes in guidance — prefer documenting manual, well-scoped steps.

功能分析

Type: OpenClaw Skill Name: agent-feishu-doc Version: 1.0.0 The skill bundle provides instructions for managing Feishu/Lark documents but includes high-risk configuration recommendations. Specifically, SKILL.md and references/guide.md instruct the agent to set document permissions to 'anyone_can_edit' (publicly editable) and suggest enabling global session visibility ('tools.sessions.visibility: all') in the openclaw.json configuration. While these facilitate the stated goal of cross-agent collaboration, they significantly increase the risk of unauthorized data exposure and session interception.

能力评估

⚠ Purpose & Capability

The skill's description matches Feishu document operations, but the included references/guide explicitly shows use of an app_id/app_secret and tenant_access_token (and instructs placing app credentials in ~/.openclaw/openclaw.json). The skill metadata declares no required credentials or primaryEnv; this mismatch is not proportional to the stated manifest and is an omission that affects security decisions.

⚠ Instruction Scope

SKILL.md and references/guide.md instruct the agent to (a) set documents to public/anyone_editable, (b) use web_fetch on feishu doc links, and (c) change openclaw.json to enable tools.sessions.visibility = "all" and restart the gateway. Enabling cross-agent session visibility and making docs publicly editable are outside narrow 'create/read/edit a doc' semantics because they broaden data exposure across agents and external users.

✓ Install Mechanism

Instruction-only skill with no install spec or code files. No binaries, downloads, or package installs — low install risk.

⚠ Credentials

The guidance requires Feishu app credentials (app_id/app_secret → tenant_access_token) but the skill metadata lists no required environment variables or primary credential. Also it tells users to store secrets in openclaw.json. Requesting/using these secrets is reasonable for the operation, but failing to declare them in metadata is an incoherence and prevents automated vetting of the skill's credential needs.

⚠ Persistence & Privilege

always is false (good), but the instructions explicitly tell operators to change agent configuration (openclaw.json) to make sessions.visible to all agents. That increases the platform blast radius — a privilege/visibility change that should be flagged and intentionally authorized by administrators, not performed automatically by an agent.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install agent-feishu-doc
安装完成后，直接呼叫该 Skill 的名称或使用 /agent-feishu-doc 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release: create/read/edit Feishu docs via API, permissions, cross-agent collaboration guide

元数据

Slug agent-feishu-doc

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Agent Feishu Doc 是什么？

Guide for OpenClaw agents to create, read, and edit Feishu/Lark documents via API. Use when: (1) creating a new Feishu doc and writing content, (2) reading a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 91 次。

如何安装 Agent Feishu Doc？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-feishu-doc」即可一键安装，无需额外配置。

Agent Feishu Doc 是免费的吗？

是的，Agent Feishu Doc 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Agent Feishu Doc 支持哪些平台？

Agent Feishu Doc 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Agent Feishu Doc？

由 JMin1113（@jmin1113）开发并维护，当前版本 v1.0.0。