ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Article Collector

v1.2.0

自动收集今日头条、微信公众号文章。抓取正文,AI 生成总结和分类,存入飞书多维表格。支持去重。

0· 334·0 current·0 all-time
by@budingsoft

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for budingsoft/feishu-article-collector.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Feishu Article Collector" (budingsoft/feishu-article-collector) from ClawHub.
Skill page: https://clawhub.ai/budingsoft/feishu-article-collector
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: FEISHU_APP_ID, FEISHU_APP_SECRET, DEEPSEEK_API_KEY
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install budingsoft/feishu-article-collector

ClawHub CLI

Package manager switcher

npx clawhub@latest install feishu-article-collector
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (collect articles, AI summarize, save to Feishu) match the actual code and declared requirements: python3, FEISHU_APP_ID/FEISHU_APP_SECRET, DEEPSEEK_API_KEY. The code fetches supported domains, calls DeepSeek for summarization, and uses Feishu Open APIs to find/create a bitable and write records — all expected.
Instruction Scope
SKILL.md explicitly requires executing the included Python script with the full message text; the script extracts URLs, fetches page content from the linked domains, sends content+title to DeepSeek, and writes to Feishu. This scope is consistent with the stated purpose, but note it will transmit fetched article content (and the passed message text) to the DeepSeek API and to Feishu.
Install Mechanism
Install spec only requests the 'requests' Python package (via the declared 'uv' kind). This is proportionate for a Python script that performs HTTP calls. No downloads from arbitrary URLs or archive extraction are used.
Credentials
The three required env vars (FEISHU_APP_ID, FEISHU_APP_SECRET, DEEPSEEK_API_KEY) are directly used by the code and are proportionate. Important privacy/security implication: article contents and any message text are sent to DeepSeek (third-party) for summarization, and Feishu credentials are used to create/write a bitable. The script also stores state (tokens/IDs) locally in .state.json.
Persistence & Privilege
always:false and autonomous invocation allowed (platform default). The skill creates/updates a Feishu bitable and caches state in .state.json in the script directory. create_bitable.py includes utility functions (and a grant_user_access helper) that, if run manually, may grant access scopes — but SKILL.md requires running collect.py, not arbitrary helper scripts. Persisted state and created bitable are expected for this use case but are things to review.
Scan Findings in Context
[no_findings] expected: Static scanner reported no regex-based findings. The package is instruction + Python code performing HTTP calls to origin sites, DeepSeek, and Feishu APIs — this matches the declared purpose.
Assessment
This skill appears internally consistent, but review these before installing: - Network transmission: the skill fetches articles from linked websites and sends article content (and message text you pass to the script) to the DeepSeek API for summarization. Only enable this if you trust DeepSeek and the content isn't sensitive. - Feishu privileges: the skill uses FEISHU_APP_ID/FEISHU_APP_SECRET to create and write a bitable. Ensure the Feishu app has only the minimum required permissions (bitable:app) and monitor what it creates. If you need tighter control, create a dedicated Feishu app/account for this skill. - Local state: it stores metadata (app_token/table_id, etc.) in .state.json inside the scripts folder — treat that file as sensitive and protect or rotate credentials if needed. - Helper script caution: scripts/create_bitable.py contains hard-coded placeholder constants (APP_ID/APP_SECRET/USER_OPEN_ID) and includes a function to grant full access to a user; do not run it without reviewing and replacing placeholders and understanding the permission it grants. - Operational recommendation: review the two Python files line-by-line (they are included), run the skill in an isolated environment if possible, and only provide the three required env vars via the platform's secure secrets mechanism. If you are uncomfortable sending content to a third party, do not install or replace DeepSeek calls with an internal model/service.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📰 Clawdis
Binspython3
EnvFEISHU_APP_ID, FEISHU_APP_SECRET, DEEPSEEK_API_KEY
Primary envFEISHU_APP_ID

Install

uvuv tool install requests
latestvk978r9gq4870hf7qdgkz1e0kzs82gr5p
334downloads
0stars
3versions
Updated 16h ago
v1.2.0
MIT-0
@budingsoft
latest
Download

飞书文章收集器

收到包含今日头条或微信公众号链接的消息时,自动抓取文章、AI 总结、分类并存入飞书多维表格。

触发条件

当消息中包含以下域名的链接时,立即执行本技能:

  • toutiao.comtoutiaocdn.comtoutiao.iosnssdk.com(今日头条)
  • mp.weixin.qq.com(微信公众号)

处理方式

使用 exec 工具调用脚本,一步完成所有处理:

python3 {baseDir}/scripts/collect.py '完整的消息文本'

参数说明:

  • 第一个参数:用户发送的完整消息文本(包含链接和其他文字)

脚本返回 JSON 结果:

成功:

{"success": true, "title": "文章标题", "category": "分类", "summary": "总结", "record_id": "xxx"}

重复:

{"success": false, "error": "该文章已收录,跳过重复链接", "url": "..."}

回复格式

根据脚本返回结果回复用户:

成功时:

已收录:《文章标题》 分类:xxx 总结:xxx

重复时:

该文章已收录,无需重复保存

失败时:

收录失败:错误原因

重要:必须调用脚本

  • 严禁使用 web_fetch 抓取文章,必须调用上面的 Python 脚本
  • 脚本已内置抓取、总结、分类、写入的全部逻辑,不需要自己做任何处理
  • 消息文本原样传入第一个参数,不需要自己提取 URL
  • 如果脚本执行失败,将错误信息返回给用户即可

安装后配置

在 OpenClaw 的 openclaw.json 中配置环境变量:

{
  "env": {
    "FEISHU_APP_ID": "飞书自建应用 App ID",
    "FEISHU_APP_SECRET": "飞书自建应用 App Secret",
    "DEEPSEEK_API_KEY": "DeepSeek API Key"
  }
}

飞书应用需开通 bitable:app 权限。多维表格会在首次使用时自动创建。

Comments

Loading comments...