← 返回 Skills 市场
243
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install feishu-bitable-plus
功能描述
自然语言驱动飞书多维表格操作,支持CRUD、批量导入导出、跨表同步及数据质量分析,纯本地安全部署。
使用说明 (SKILL.md)
feishu-bitable-plus
企业级飞书多维表格智能操作技能 - 自然语言驱动,纯本地安全部署
描述
用自然语言操作飞书多维表格,告别复杂API。
支持批量处理、数据同步、质量分析,纯本地部署保障数据安全。
安装
npx clawhub@latest install feishu-bitable-plus
使用
# 配置飞书凭证
fbt config
# 自然语言查询
fbt query "列出客户表的所有记录"
# 交互模式
fbt interactive
功能
- 自然语言操作表格
- 完整CRUD(增删改查)
- 批量导入导出
- 跨表数据同步
- 数据质量分析
权限
- bitable:app
- bitable:record
- bitable:table
作者
wenyuan
许可证
MIT
安全使用建议
This package appears to implement what it claims (a local CLI + intent engine + Feishu API client). Before installing or using it, consider the following:
- Credential handling: the code stores your App ID/App Secret in ~/.feishu-bitable-plus/credentials.json using Base64 encoding, which is reversible and not secure. Treat these files as sensitive, delete them when not in use, or modify the code to use a secure key store (e.g., keytar/system keychain).
- Documentation mismatch: README/CLI messages imply system keychain storage; in reality the implementation uses file storage. If you require true system keychain support, patch or request that feature.
- Source provenance: registry metadata lists source/homepage as unknown/none while package.json and README reference a GitHub repo. Prefer installing code from a verified source (inspect the GitHub repo/commit history) and confirm the package integrity.
- Network behavior: the client talks only to open.feishu.cn (Feishu Open API) and obtains a tenant_access_token using your App ID/Secret—this is expected. If you want to be extra cautious, run the CLI in a network-monitored or sandboxed environment the first time.
- Principle of least privilege: only grant the Feishu app the minimal scopes it needs and rotate credentials if you stop using the tool.
If you rely on strong credential protection for production use, do not use the default ConfigManager as-is; replace with secure keychain storage or encrypt the credentials with a secret only you control.
功能分析
Type: OpenClaw Skill
Name: feishu-bitable-plus
Version: 1.0.0-beta
The feishu-bitable-plus skill bundle is a legitimate tool for managing Feishu Bitable via natural language and CLI. It implements standard CRUD operations, data analysis, and reporting features. Security-wise, it stores credentials locally in the user's home directory with restricted file permissions (0o600) and communicates exclusively with the official Feishu API (open.feishu.cn). No evidence of data exfiltration, malicious code execution, or harmful prompt injection was found in files like dist/core/api-client.js or SKILL.md.
能力评估
Purpose & Capability
Name/description claim natural-language operations for Feishu Bitable; the package contains an API client (calls to open.feishu.cn), intent engine, CLI, and a config manager for storing App ID/App Secret—all coherent with the stated purpose. The declared Feishu scopes (bitable:app, bitable:record, bitable:table) match the functionality.
Instruction Scope
SKILL.md and README instruct only local CLI use (fbt config, fbt query, etc.). Runtime code follows that flow and calls only Feishu API endpoints. However, documentation and some CLI messages claim credentials are saved to the "system keychain" while the implemented ConfigManager stores Base64-encoded credentials in ~/.feishu-bitable-plus/credentials.json — this is a misleading/security-relevant discrepancy.
Install Mechanism
Registry metadata has no install script and the skill is distributed as source/compiled JS files (no external downloads during install). Dependencies are standard npm libs (axios, inquirer, node-cache). There are no suspicious remote download URLs or extract-from-URL steps in the bundle.
Credentials
The skill does not request unrelated environment variables; it legitimately needs Feishu App ID/App Secret and app-specific appToken (passed as CLI args). It does not declare a primaryEnv in registry metadata, but the code expects stored credentials. The credential storage is weak: credentials are stored Base64-encoded (not encrypted). This is proportionate to the feature set but a security concern in practice.
Persistence & Privilege
always:false (not force-included). The skill writes to a single config directory (~/.feishu-bitable-plus) and manages its own credentials file (mode 0o600). It does not modify other skills or global agent settings. Persistence is limited to its own config directory.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install feishu-bitable-plus - 安装完成后,直接呼叫该 Skill 的名称或使用
/feishu-bitable-plus触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0-beta
Automate Feishu Bitable with natural language. Supports CRUD operations, batch processing, data sync, and quality analysis. Pure local deployment for enterprise security.
元数据
常见问题
FeishuBitable-Plus 是什么?
自然语言驱动飞书多维表格操作,支持CRUD、批量导入导出、跨表同步及数据质量分析,纯本地安全部署。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 243 次。
如何安装 FeishuBitable-Plus?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install feishu-bitable-plus」即可一键安装,无需额外配置。
FeishuBitable-Plus 是免费的吗?
是的,FeishuBitable-Plus 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
FeishuBitable-Plus 支持哪些平台?
FeishuBitable-Plus 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 FeishuBitable-Plus?
由 zwybirth(@zwybirth)开发并维护,当前版本 v1.0.0-beta。
推荐 Skills