← 返回 Skills 市场

Feishu Skills Kit 飞书技能全集

Name: Feishu Skills Kit 飞书技能全集
Author: hewenqiang

作者 hewenqiang · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

1094

总下载

当前安装

版本数

在 OpenClaw 中安装

/install feishu-skills-kit

功能描述

Complete Feishu (Lark) Skills collection for Claude Code / OpenClaw. Includes 10 skills covering: document management, messaging, spreadsheets, Bitable, inte...

使用说明 (SKILL.md)

Feishu Skills Kit — 飞书 Skills 全集

Complete collection of 10 Feishu/Lark skills for Claude Code and OpenClaw agents.

Included Skills

Skill	Category	Description
feishu-doc-manager	Document	Markdown → Feishu Doc with auto-formatting
feishu-docx-powerwrite	Document	High-quality Markdown → Feishu Docx conversion
feishu-doc-editor	Document	Create/edit Feishu documents via OpenAPI
feishu-messaging	Messaging	Send text/image/file messages
feishu-card	Messaging	Rich interactive card messages
feishu-sheets-skill	Spreadsheet	Full spreadsheet CRUD operations
feishu-bitable	Spreadsheet	Bitable/Base record management
feishu-bridge	Integration	Bot ↔ Clawdbot WebSocket bridge
feishu-memory-recall	Memory	Cross-group message search and digest
feishu-leave-request	Workflow	Leave request submission assistant

Prerequisites

Create an app on Feishu Open Platform
Obtain your App ID and App Secret
Configure required permissions based on the skills you use
Set up MCP Server (see README.md for details)

Quick Start

# Install all skills
clawhub install feishu-skills-kit --dir ~/.claude/skills

# Configure MCP (edit ~/.claude/mcp.json)
# Add your FEISHU_APP_ID and FEISHU_APP_SECRET
# See mcp-config-template.json for reference

# Restart Claude Code

MCP Configuration

See mcp-config-template.json for the configuration template. Replace placeholders with your own credentials.

Documentation

See README.md for the complete setup guide (in Chinese).

安全使用建议

This collection contains useful Feishu skills, but exercise caution before installing or enabling the bridge: - Metadata mismatch: The registry says 'no required env vars' but the README and code require FEISHU_APP_ID/FEISHU_APP_SECRET (or secret file) and a Clawdbot gateway token. Do not provide these credentials unless you trust the source. - Audit the code: Review the bridge (bridge.mjs), card (send.js + handle_event.js), and bitable scripts. Pay special attention to: - Hard-coded tokens (remove or rotate them). The feishu-bitable scripts include a hard-coded appToken — treat it as suspicious and do not reuse it. - Child-process usage: handle_event.js uses execSync with interpolated event data; this can be exploited if an attacker controls event contents. Prefer calling the send logic programmatically rather than using a shell command. - Files read/written: scripts read ~/.clawdbot/clawdbot.json and secret files. Inspect those configs and ensure they do not contain extra secrets you don't want accessible. - Test in isolation: Run these skills in a sandboxed or disposable environment (non-production machine or VM) first. Do not run the bridge as a persistent service until you've audited it. - Least privilege: Create a dedicated Feishu self-built app with minimal permissions required by the features you need and a dedicated Clawdbot gateway token/account; avoid using high-privilege tokens across other services. - Remove autostart until reviewed: The setup-service script will install a launchd agent; do not load it until you have inspected and are confident in the code. - If unsure, prefer installing only specific sub-skills you need (and inspect their package.json and code) rather than bulk-installing the entire kit. If you want, I can (a) point out the exact lines to change to remove shell exec usage, (b) highlight hard-coded tokens and suggest fixes, or (c) produce a short checklist for a code audit to run before enabling the bridge.

功能分析

Type: OpenClaw Skill Name: feishu-skills-kit Version: 1.0.0 The skill bundle is classified as suspicious due to a shell injection vulnerability in `skills/feishu-card/handle_event.js` where user-controlled input (`menuKey`) is directly interpolated into an `execSync` command. Additionally, `skills/feishu-bridge/setup-service.mjs` creates a macOS launchd plist for persistence, and `skills/feishu-bridge/bridge.mjs` and `skills/feishu-memory-recall/index.js` read sensitive local configuration files (e.g., `~/.clawdbot/clawdbot.json` for gateway tokens, `~/.clawdbot/secrets/feishu_app_secret`, `~/.openclaw/agents/main/sessions/sessions.json`). While these capabilities are necessary for the stated purpose and `skills/feishu-card/send.js` includes a `scanForSecrets` function to prevent credential leakage, the direct shell injection vulnerability and the powerful persistence/sensitive file access capabilities warrant a 'suspicious' classification.

能力评估

⚠ Purpose & Capability

The skill bundle claims to be a Feishu (Lark) skills collection and legitimately needs Feishu App ID/Secret and a Clawdbot gateway token for the bridge; however the registry metadata lists no required environment variables while the README/SKILL.md and many code files clearly require FEISHU_APP_ID, FEISHU_APP_SECRET (or secret file), and access to the local Clawdbot config. This mismatch between declared metadata and actual requirements is incoherent and increases risk.

⚠ Instruction Scope

SKILL.md/README instruct users to store secrets under ~/.clawdbot/secrets and update ~/.claude/mcp.json and to run bridge service. Code reads local config and secret files, connects to a local gateway, and forwards message content to Clawdbot. There are also risky runtime behaviors: a handler uses child_process.execSync to call send.js with interpolated event values (possible shell injection if event fields are attacker-controlled), multiple scripts read arbitrary files (../../.env, ~/.clawdbot files), and a few scripts include hard-coded app/appToken strings. The instructions give the agent broad ability to read and act on local files and to create persistent services.

ℹ Install Mechanism

There is no centralized install spec (skill is instruction + code). Installing typically requires copying directories and running npm install inside sub-skill directories. Dependencies come from public npm (e.g., @larksuiteoapi/node-sdk, ws, node-fetch) — traceable but should still be installed locally. No arbitrary binary downloads or obscure URLs were found in the provided files.

⚠ Credentials

The bundle requires Feishu credentials and also reads the Clawdbot config to obtain a gateway auth token — those are proportional to a bridge skill, but the registry incorrectly reports 'no required env vars'. Additional concerns: some code contains a hard-coded appToken ('D1albdySZaU6ncsx4WzcGZfOn1B') in feishu-bitable scripts, and some files load ../feishu-common or ../../.env which may expose environment variables. Multiple different secrets/paths are referenced (FEISHU_APP_SECRET_PATH, ~/.clawdbot/secrets, ~/.claude/mcp.json), increasing the chance of accidental credential exposure.

ℹ Persistence & Privilege

The bridge includes a setup-service script that writes a macOS launchd plist into ~/Library/LaunchAgents and instructs users to load it (auto-start and KeepAlive). 'always' is false in metadata, but the bundle encourages persistent autostart behavior which increases attack surface if the code is malicious or compromised. The code does not modify other skills' configs, but it does require access to the user's Clawdbot config and secret files.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install feishu-skills-kit
安装完成后，直接呼叫该 Skill 的名称或使用 /feishu-skills-kit 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Complete collection of 10 Feishu/Lark skills with setup guide, MCP config template, and documentation

元数据

Slug feishu-skills-kit

版本 1.0.0

许可证 —

累计安装 5

当前安装数 5

历史版本数 1

常见问题