← 返回 Skills 市场
Swarm Control Feishu
作者
yubinsheng
· GitHub ↗
· v2.0.0
· MIT-0
152
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install swarm-control-feishu
功能描述
一键配置飞书智能体集群,支持多 agent 并行、语音服务、全权限控制
安全使用建议
Do not run deploy.sh or start-voice-service.sh blindly. Key risks:
- This skill intentionally disables sandboxing and grants agents full exec and filesystem access, and enables 'elevated' actions from Feishu/webchat — meaning remote users could cause arbitrary commands to run on the host.
- deploy.sh attempts to add a passwordless sudoers entry for user 'lehua' (lehua ALL=(ALL) NOPASSWD: ALL). That elevates privilege permanently and is unsafe.
- start-voice-service.sh will write a Python service to /tmp, install packages via pip globally (no virtualenv), enable CORS=* and run an HTTP endpoint — all increasing exposure.
- The documentation suggests pushing configs to GitHub; openclaw-config.json contains API keys and secrets and would leak them if published.
What to do before installing:
1. Review every file line-by-line (especially scripts/deploy.sh and files/openclaw-config.json). Fix obvious bugs (the deploy script has a malformed line) and remove or modify unsafe defaults.
2. Never enable sandbox: off, fs.workspaceOnly=false, exec.ask=off, or tools.profile=full unless you fully accept the host compromise risk. Prefer least-privilege settings.
3. Do NOT apply the sudoers change. If you need privileged actions, use carefully-scoped sudoers entries for your specific username or use an alternative elevation mechanism, and avoid NOPASSWD for broad commands.
4. Run the voice service in an isolated environment (container or virtualenv) and avoid global pip installs. Restrict CORS and bind to localhost if not needed externally.
5. Replace hard-coded username 'lehua' with your actual username or make the script prompt for the correct user; verify file paths are correct for your environment.
6. Keep secrets out of repo/config files; use secure secret storage or environment variables with appropriate metadata declared. Do not publish the filled config to GitHub.
7. If you want to test, do so inside a disposable VM or container to limit blast radius. If you are not comfortable auditing and mitigating these issues, avoid installing this skill in production systems.
功能分析
Type: OpenClaw Skill
Name: swarm-control-feishu
Version: 2.0.0
The skill bundle configures an extremely permissive environment by disabling all sandboxing, allowing unrestricted command execution without user confirmation (exec.security: full, ask: off), and granting full filesystem access (fs.workspaceOnly: false) in files/openclaw-config.json. Most critically, scripts/deploy.sh attempts to grant passwordless sudo privileges to a specific user by modifying /etc/sudoers.d/lehua. Furthermore, files/AGENTS.md explicitly instructs the AI agents that they have 'FULL ACCESS' and should execute system commands autonomously via curl and exec tools. While these actions are framed as features for managing a Feishu agent swarm, the combination of privilege escalation and lack of oversight represents a significant security risk.
能力评估
Purpose & Capability
The skill's stated purpose (full-permission Feishu agent swarm) matches what the scripts and config do: they disable sandboxing, set tools.profile to 'full', set exec.security to 'full' and ask='off', set fs.workspaceOnly=false, enable agent-to-agent and session visibility=all, and configure elevated privileges for feishu/webchat. Those capabilities are highly privileged and beyond what a safe default deployment would need; while coherent with the advertised '全权限' claim, they are disproportionately powerful and risky for most users.
Instruction Scope
SKILL.md directs the user to copy openclaw-config.json and run scripts (deploy.sh, start-voice-service.sh). The scripts perform system-level changes: overwrite ~/.openclaw/openclaw.json, create workspaces, copy AGENTS.md into multiple locations, attempt to write a sudoers file to /etc/sudoers.d (passwordless sudo for user 'lehua'), install Python packages via pip, write and run a Python web service with CORS=* and open endpoints. The instructions do not require nor warn about these broad system and privilege changes.
Install Mechanism
There is no formal install spec (instruction-only), but included scripts write files to disk, create a Python service under /tmp, and run pip install (fastapi, uvicorn, python-multipart) without a virtualenv. That is moderately risky (global package installation, persistent files and services) but not unusual for local deployment scripts. The scripts do not download code from external, untrusted URLs.
Credentials
The skill metadata lists no required env vars, yet the included openclaw-config.json expects multiple sensitive secrets (LLM API keys, Feishu App IDs/Secrets, gateway auth token) which the deploy script will copy into ~/.openclaw/openclaw.json. More importantly, the configuration exposes insecure defaults (controlUi.allowInsecureAuth=true, gateway.bind=lan, allowedOrigins placeholders) and grants 'allowFrom': ['*'] for elevated actions — requesting no credentials in metadata but instructing the user to place secrets in files is an inconsistency and increases risk of accidental leakage (e.g., pushing configs to GitHub as the publish docs suggest).
Persistence & Privilege
The skill does not set always:true, but its install/runtime steps attempt permanent, high-privilege changes: copying configuration into the agent's config path, creating workspaces, copying agent policies to workspace folders, installing and starting a persistent voice service, and attempting to add a passwordless sudoers entry for a hard-coded username ('lehua'). These changes grant long-lived host-level privileges and remote command capability to agents and Feishu/webchat users if applied.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install swarm-control-feishu - 安装完成后,直接呼叫该 Skill 的名称或使用
/swarm-control-feishu触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
Swarm-control-feishu v2.0.0 is a major upgrade for Feishu multi-agent management:
- Complete project restructure: simplified, focused directory; obsolete files and legacy code removed.
- All configuration now via `files/openclaw-config.json` and unified scripts for setup, workspace, voice, and deployment.
- Multi-agent, multi-project support: automatic setup for main agent plus project agents (main, xg, xc, xd); all support child agents and concurrent tasking.
- Full admin privileges by default, including sandbox OFF, maximum tool rights, and sudo-free elevation across Feishu & webchat.
- Built-in voice service integration: one-command start, all agents auto-detect and use speech-to-text.
- Refined documentation: clearer step-by-step quickstart, config templates, and complete permission/feature explanations.
v1.1.3
更新版本支持范围:明确支持 OpenClaw 2026.3.31 - 2026.4.2,添加 maxOpenClawVersion 字段
v1.1.2
新增飞书消息回复方式配置文档:replyInThread、groupPolicy、dmPolicy、requireMention 等详细说明和配置示例
v1.1.1
更新多环境支持文档:添加 Linux、macOS、WSL2、Windows 原生、Android Termux 的详细安装指南和故障排除
v1.1.0
一键部署多智能体集群,飞书全权限免授权,手机远程指挥 AI 团队,打造一人集团级开发能力。
元数据
常见问题
Swarm Control Feishu 是什么?
一键配置飞书智能体集群,支持多 agent 并行、语音服务、全权限控制. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 152 次。
如何安装 Swarm Control Feishu?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install swarm-control-feishu」即可一键安装,无需额外配置。
Swarm Control Feishu 是免费的吗?
是的,Swarm Control Feishu 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Swarm Control Feishu 支持哪些平台?
Swarm Control Feishu 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Swarm Control Feishu?
由 yubinsheng(@yubinsheng)开发并维护,当前版本 v2.0.0。
推荐 Skills