← Back to Skills Marketplace
Feishu Evolver Wrapper (Fixed)
by
foras910521-lab
· GitHub ↗
· v1.0.0
· MIT-0
90
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install feishu-evolver-wrapper-ganyu
Description
Feishu-integrated wrapper for the capability-evolver. Manages the evolution loop lifecycle (start/stop/ensure), sends rich Feishu card reports, and provides...
README (SKILL.md)
Feishu Evolver Wrapper
A lightweight wrapper for the capability-evolver skill.
It injects the Feishu reporting environment variables (EVOLVE_REPORT_TOOL) to enable rich card reporting in the Master's environment.
Usage
# Run the evolution loop
node skills/feishu-evolver-wrapper/index.js
# Generate Evolution Dashboard (Markdown)
node skills/feishu-evolver-wrapper/visualize_dashboard.js
# Lifecycle Management (Start/Stop/Status/Ensure)
node skills/feishu-evolver-wrapper/lifecycle.js status
Architecture
- Evolution Loop: Runs the GEP evolution cycle with Feishu reporting.
- Dashboard: Visualizing metrics and history from
assets/gep/events.jsonl. - Export History: Exports raw history to Feishu Docs.
- Watchdog: Managed via OpenClaw Cron job
evolver_watchdog_robust(runslifecycle.js ensureevery 10 min).- Replaces fragile system crontab logic.
- Ensures the loop restarts if it crashes or hangs.
Usage Guidance
This skill contains substantial Node.js code (daemon/watchdog, filesystem and process manipulation, Feishu API callers) but the registry entry claims no required env vars and the SKILL.md lists only simple run commands. Before installing or running: 1) Review all code (especially index.js, lifecycle.js, report.js, export_history.js, issue_tracker.js) and confirm you are comfortable with it accessing your OpenClaw workspace, memory/, logs/, and assets/ files. 2) Do not provide Feishu tokens (FEISHU_APP_ID/FEISHU_APP_SECRET or FEISHU_EVOLVER_DOC_TOKEN) or OpenClaw credentials unless you trust the source; the code will read token files and call Feishu APIs. 3) Expect the skill to spawn background processes and write pid/log files; run it in an isolated/sandboxed environment or container if you want to limit host impact. 4) If you need to use it, minimize secrets given to it and prefer read-only tokens where possible; consider creating a dedicated Feishu app/account scoped only to reporting. 5) The package uses local paths and a local "evolver" dependency — ensure those paths match your setup or the code will try to access unexpected filesystem locations. Finally, because the metadata omitted required env variables and the code exercises system-level actions, treat this skill as higher-risk unless you can fully audit and sandbox it.
Capability Analysis
Type: OpenClaw Skill
Name: feishu-evolver-wrapper-ganyu
Version: 1.0.0
This bundle is a highly privileged lifecycle manager for an autonomous AI 'evolution' loop, integrating with Feishu for reporting and dashboarding. It exhibits several high-risk behaviors, including automated Git synchronization (add/commit/push), persistence via OpenClaw cron jobs and background daemons (lifecycle.js), and the ability to monitor and 'auto-heal' other skills (skills_monitor.js). A critical security risk is present in index.js, which uses a 'new Function' constructor to evaluate potentially untrusted, LLM-generated JSON payloads. While the bundle includes defensive features like a secret scanner (feishu-helper.js) to prevent credential leakage and circuit breakers to stop failing loops, the combination of broad shell execution and autonomous code modification capabilities warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The name/description (Feishu wrapper for capability-evolver) matches the code's purpose: lifecycle management, reporting, dashboarding. However the bundle contains many implementation details (process management, cron/watchdog, file cleanup, daemon spawning, pid manipulation, calls into local 'evolver' package) that go beyond a minimal 'reporting wrapper'. Some hard-coded default paths (/Users/foras/.openclaw/...) and a local package dependency ("evolver": "file:../evolver") indicate this was written for a specific environment and will attempt to access the host workspace.
Instruction Scope
SKILL.md shows only three simple node commands, but the included code (index.js, lifecycle.js, daemon.sh, report.js, export_history.js, issue_tracker.js, etc.) performs broad actions: reading/writing many workspace files (memory, logs, assets/gep/events.jsonl), deleting old logs, reading token files (memory/feishu_token.json), spawning/killing processes, exec/execSync/spawn child processes, scanning /proc on Linux, and invoking other local scripts. The runtime instructions do not enumerate these behaviors or the many environment variables and files the code uses.
Install Mechanism
No external install spec or remote downloads are present (instruction-only install), which reduces supply-chain risk. However package.json declares a local dependency (file:../evolver) and many code files assume a local OpenClaw workspace layout. There is no network-based installer, but the skill will write files and spawn daemons on the host when run.
Credentials
Registry metadata declared no required env vars or primary credential, but the code references and expects many environment values and secrets (e.g., FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_EVOLVER_DOC_TOKEN, OPENCLAW_MASTER_ID, various FEISHU_* and OPENCLAW_* vars). The code also reads token files from the workspace (memory/feishu_token.json) — this is sensitive and not declared. The set of env vars and file accesses is broader than what the SKILL.md or registry metadata indicate.
Persistence & Privilege
The skill does not request always:true, and it is user-invocable only. Nonetheless it spawns persistent processes/daemons, writes pid files, can kill other processes, and manages cron/watchdog logic via the OpenClaw CLI. Those privileges are plausible for a lifecycle wrapper, but because they enable long-running background activity and process control, they increase the blast radius if combined with undisclosed credentials or autonomous invocation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install feishu-evolver-wrapper-ganyu - After installation, invoke the skill by name or use
/feishu-evolver-wrapper-ganyu - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
修复:使用 config.resolveEvolverCore() 替代 possibleDirs 猜测,添加 config.js 集中路径配置
Metadata
Frequently Asked Questions
What is Feishu Evolver Wrapper (Fixed)?
Feishu-integrated wrapper for the capability-evolver. Manages the evolution loop lifecycle (start/stop/ensure), sends rich Feishu card reports, and provides... It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.
How do I install Feishu Evolver Wrapper (Fixed)?
Run "/install feishu-evolver-wrapper-ganyu" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Feishu Evolver Wrapper (Fixed) free?
Yes, Feishu Evolver Wrapper (Fixed) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Feishu Evolver Wrapper (Fixed) support?
Feishu Evolver Wrapper (Fixed) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Feishu Evolver Wrapper (Fixed)?
It is built and maintained by foras910521-lab (@foras910521-lab); the current version is v1.0.0.
More Skills