← 返回 Skills 市场
pikaqiuyaya

Feishu Send Message

作者 pikaqiuyaya · GitHub ↗ · v5.0.0 · MIT-0
cross-platform ⚠ suspicious
196
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install feishu-auto-report
功能描述
自动从本地配置获取飞书凭证,支持多Agent独立身份向指定open_id或chat_id发送文本消息汇报任务结果。
使用说明 (SKILL.md)

Feishu Auto-Report Skill - 飞书自主汇报技能

name: Feishu Auto-Report - 飞书自主汇报 description: 专为多 Agent 协作设计。Agent 完成任务后自主调用本技能向用户汇报结果,显示独立机器人身份。零配置,Agent 启动时自动扫描使用,无需手动配置飞书凭证。 descriptionEn: Designed for multi-agent collaboration scenarios. After completing tasks, agents independently call this skill to report results to users with independent robot identity. Zero configuration, agents automatically scan and use it without manual Feishu credential configuration. version: 5.0.0 author: pikaqiuyaya license: MIT tags:

  • feishu
  • auto-report
  • multi-agent
  • notification
  • zh-CN
  • 飞书
  • 自主汇报
  • 多 Agent
  • 零配置 language: zh-CN

Feishu Auto-Report Skill - 飞书自主汇报技能

设计目标

在多 Agent 协作架构中,执行 Agent(Agent-B/C)完成任务后需要向用户汇报结果。本技能提供零配置的消息发送能力,让每个 Agent 以自己的身份独立发送通知,无需 Agent-A 转发。

技术实现

通过飞书开放平台的 Internal App 凭证获取 tenant_access_token,调用飞书消息 API 发送文本消息。支持 open_id(私聊)和 chat_id(群聊)两种接收者类型,确保消息精准触达。

配置依赖

技能自动从以下配置文件读取飞书凭证(无需手动配置):

  • ~/.openclaw/openclaw-{agentId}.json

Agent 启动时会自动扫描该路径下的配置文件,读取 channels.feishu.appIdchannels.feishu.appSecret 字段完成鉴权。

API 调用流程

# 1. 获取租户级访问令牌
POST https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal/
Headers: Content-Type: application/json
Body: {"app_id": "xxx", "app_secret": "xxx"}

# 2. 发送文本消息
POST https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type={idType}
Headers: 
  Authorization: Bearer {tenant_access_token}
  Content-Type: application/json
Body: {
  "receive_id": "{targetId}",
  "msg_type": "text",
  "content": "{\"text\":\"{messageContent}\"}"
}

脚本参数

参数 说明 示例
agentId Agent 标识 agent-b
targetId 接收者 ID ou_xxx 或 oc_xxx
idType ID 类型 open_id / chat_id
content 消息内容 任务已完成

与 setup-multi-gateway 配合

  1. Agent-A 接收用户指令
  2. Agent-A 通过 sessions_send 派发任务
  3. Agent-B/C 执行任务
  4. Agent-B/C 自主调用本技能汇报
  5. 用户收到对应 Agent 的通知

注意事项

  • open_id 是应用隔离的,每个 Agent 使用自己的 open_id
  • chat_id 是通用的,跨 Agent 共享
  • content 必须是转义的 JSON 字符串
安全使用建议
Before installing: (1) confirm you trust the skill author—this script will read per-agent Feishu appId/appSecret from ~/.openclaw/openclaw-{agent}.json and use them to send messages; (2) be aware agents can send arbitrary message content so the skill could be used to exfiltrate data if an agent is malicious or misconfigured; (3) ensure curl and jq are present or the script will fail (these are not declared as requirements); (4) consider restricting where credentials are stored, or review the contents of the config files and the send.sh script, and require explicit consent before allowing automatic scanning/sending in your environment.
功能分析
Type: OpenClaw Skill Name: feishu-auto-report Version: 5.0.0 The skill is designed to send Feishu notifications but contains significant security vulnerabilities in 'send.sh'. Specifically, the script is vulnerable to path traversal because it uses the 'agentId' parameter to construct a file path ($HOME/.openclaw/openclaw-${AGENT}.json) without any sanitization. Additionally, the script lacks proper shell escaping for the 'MESSAGE' variable when constructing the JSON payload for 'curl', which could lead to injection attacks. While the script correctly targets the official Feishu API (open.feishu.cn), these implementation flaws allow for potential unauthorized access to other configuration files or malformed execution.
能力评估
Purpose & Capability
The skill's code and SKILL.md align with the stated purpose: it reads per-agent OpenClaw config (~/.openclaw/openclaw-{agentId}.json) to extract channels.feishu.appId and appSecret and then calls Feishu APIs to send messages. However, registry metadata lists no required binaries/env vars though the script depends on curl and jq; _meta.json version also mismatches SKILL.md version—these are coherence issues.
Instruction Scope
Instructions and send.sh direct the agent to automatically scan a home-directory config path and use the appSecret to obtain tenant tokens and send arbitrary message text. That is consistent with a messaging skill, but it also means an agent can send any data (including sensitive local data) out via Feishu if invoked with crafted content. The SKILL.md gives broad, automatic scanning behavior ('zero configuration, automatically scan and use'), which increases the risk surface because credentials are read without an explicit interactive configuration step.
Install Mechanism
No install spec (instruction-only + script), so nothing is written by an installer. The included send.sh will execute network requests. The manifest does not declare dependencies (curl, jq) required at runtime—this omission is an implementation gap but not itself malicious.
Credentials
No environment variables are requested; instead the skill reads a local config file for appId/appSecret. Reading those Feishu credentials is proportionate to the stated goal (sending messages), but the practice of auto-scanning home-directory config files can lead to unexpected credential usage if users have multiple agent configs or store other secrets in the same path.
Persistence & Privilege
always:false and no install-time persistence. The skill does not request elevated platform privileges or attempt to modify other skills or system settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install feishu-auto-report
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /feishu-auto-report 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v5.0.0
更新 SKILL.md 为官方版本,包含完整的 frontmatter 元数据和技术文档
v2.0.1
更新 README.md 为官方版本,优化技能描述和用法说明
v2.0.0
飞书自主汇报技能,专为多 Agent 协作设计,零配置自动适配
v1.0.0
Initial release of Feishu Send Message skill for multi-agent collaboration: - Enables agents to send Feishu messages to users or groups with independent robot identities. - Zero configuration: Agents auto-scan and use skill at startup. - Supports both private (open_id) and group (chat_id) message sending. - Credentials automatically read from agent-specific config files. - Designed for seamless integration in multi-agent task workflows.
元数据
Slug feishu-auto-report
版本 5.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 4
常见问题

Feishu Send Message 是什么?

自动从本地配置获取飞书凭证,支持多Agent独立身份向指定open_id或chat_id发送文本消息汇报任务结果。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 196 次。

如何安装 Feishu Send Message?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install feishu-auto-report」即可一键安装,无需额外配置。

Feishu Send Message 是免费的吗?

是的,Feishu Send Message 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Feishu Send Message 支持哪些平台?

Feishu Send Message 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Feishu Send Message?

由 pikaqiuyaya(@pikaqiuyaya)开发并维护,当前版本 v5.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论