← 返回 Skills 市场
799
总下载
0
收藏
10
当前安装
3
版本数
在 OpenClaw 中安装
/install feishu-file
功能描述
Send local files to Feishu chats. Supports uploading and sending any file type as a Feishu file message.
使用说明 (SKILL.md)
Feishu File Sender
A skill to send local files to Feishu users or groups.
Setup
Requires Feishu App credentials. Ensure these are set in your environment or openclaw.json:
export FEISHU_APP_ID="cli_xxx"
export FEISHU_APP_SECRET="xxx"
export FEISHU_RECEIVER="ou_xxx" # Default receiver (optional)
Usage
Basic Usage
Send a file to the default receiver (configured in FEISHU_RECEIVER):
bash scripts/send_file.sh "/path/to/your/file.pdf"
Specific Receiver
Send to a specific OpenID:
bash scripts/send_file.sh "/path/to/report.xlsx" "ou_abcdef123456"
Different Receiver Types
Send to a Group (chat_id):
bash scripts/send_file.sh "/path/to/archive.zip" "oc_abcdef123456" "chat_id"
Supported types: open_id, user_id, chat_id, email.
Script Details
scripts/send_file.sh
The main script that handles the 3-step process:
- Auth: Obtains a
tenant_access_token. - Upload: Uploads the file to Feishu's internal storage using
POST /im/v1/files. - Send: Sends the file message using
POST /im/v1/messages.
Permissions Required
The Feishu App must have the following permissions:
im:message(Send and receive messages)im:message:send_as_bot(Send messages as bot)im:resource(Access and upload resources)
安全使用建议
This skill appears to do exactly what it says: it uploads a local file and sends it to a Feishu receiver using the FEISHU_APP_ID and FEISHU_APP_SECRET you provide. Before installing or running: (1) review the script (scripts/send_file.sh) yourself — it will read whatever local file path you pass and send it to the specified receiver; avoid sending sensitive files accidentally. (2) Ensure the Feishu app has the listed permissions (im:message, im:message:send_as_bot, im:resource). (3) Store FEISHU_APP_SECRET securely; the script will print API responses on error (which could reveal tokens or error details) — remove or limit debug prints if that is a concern. (4) As with any third-party script, run it in a controlled environment first if you are unsure of its provenance.
功能分析
Type: OpenClaw Skill
Name: feishu-file
Version: 1.0.1
The skill provides legitimate functionality for sending files to Feishu, but scripts/send_file.sh contains vulnerabilities due to improper input sanitization. Specifically, user-provided arguments like FILE_PATH and RECEIVER_ID are directly interpolated into curl commands and JSON payloads, which could allow for shell or JSON injection. While the script communicates only with official Feishu endpoints (open.feishu.cn) and lacks clear evidence of intentional malice, the insecure handling of inputs poses a risk.
能力评估
Purpose & Capability
Name/description, required binaries (curl, jq), required env vars (FEISHU_APP_ID, FEISHU_APP_SECRET), and the included script all match the stated goal of uploading a file to Feishu and sending it as a message.
Instruction Scope
SKILL.md and scripts/send_file.sh only read the provided local file and the declared environment variables, and they call Feishu's documented endpoints (open.feishu.cn) for auth, upload, and message sending. There is no attempt to read other system files or unrelated environment variables.
Install Mechanism
No install spec (instruction-only with a bundled script). Nothing is downloaded from external/untrusted URLs and no archives are extracted; risk from install mechanism is minimal.
Credentials
Only FEISHU_APP_ID and FEISHU_APP_SECRET are required (plus an optional FEISHU_RECEIVER). These are the expected credentials for a Feishu app and are proportionate to the functionality.
Persistence & Privilege
Skill is not marked always:true, does not request system-wide changes, and does not modify other skills' configs. Autonomous invocation is the platform default and not a separate concern here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install feishu-file - 安装完成后,直接呼叫该 Skill 的名称或使用
/feishu-file触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fixed upload parameters (stream) and organized script structure.
v1.1.0
修复文件上传功能,支持所有常见文件类型。使用Python实现,正确处理multipart文件上传。修复了之前的上传失败问题(234001错误)。
v1.0.0
修复文件上传功能,支持所有常见文件类型
元数据
常见问题
Feishu File Sender 是什么?
Send local files to Feishu chats. Supports uploading and sending any file type as a Feishu file message. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 799 次。
如何安装 Feishu File Sender?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install feishu-file」即可一键安装,无需额外配置。
Feishu File Sender 是免费的吗?
是的,Feishu File Sender 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Feishu File Sender 支持哪些平台?
Feishu File Sender 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Feishu File Sender?
由 xiaofei(@franklu0819-lang)开发并维护,当前版本 v1.0.1。
推荐 Skills