ClawHub

Feishu Meeting Call

v1.0.0

通过飞书发送加急消息提醒用户。支持应用内加急和电话加急(真正打电话到手机)。

0· 41·1 current·1 all-time
by@daxiangnaoyang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (send urgent Feishu messages and phone calls) match the required binaries (python3), requested env vars (App ID/Secret and target open_id), and the included Python script which implements API calls to Feishu. Required permissions listed (im:message, im:message.urgent:phone, contact:user.id:readonly) align with the stated features.
Instruction Scope
SKILL.md instructions stick to collecting Feishu credentials, looking up users, saving config, and calling the notify/lookup commands. One minor mismatch: the script will honor FEISHU_ENV_FILE as an alternate env-file path (used to load saved config), but FEISHU_ENV_FILE is not declared in requires.env. Also the runtime writes a local .feishu.env (or path) to persist secrets — SKILL.md warns not to echo secrets, but persisting App Secret on disk is a sensitive operation the user should consider.
Install Mechanism
Instruction-only skill with a bundled Python script and no install spec. No third-party downloads or remote installers are used. The script uses only Python standard library, consistent with README claims.
Credentials
Requested env vars (FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_USER_OPEN_ID) are appropriate for the Feishu API use. Minor point: FEISHU_ENV_FILE may be read by the script to locate saved config but is not declared as required/optional; users should be aware this variable can change where credentials are loaded from. Storing App Secret in a .feishu.env file is functional but sensitive.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. It persists its own configuration (.feishu.env by default) in the skill directory or user home; it does not modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: send urgent Feishu messages and optionally trigger phone calls. Before installing: 1) Verify you trust the skill source (it persists App Secret to a local .feishu.env by default). 2) Consider where that file will be stored (skill root or your home directory) and restrict access to it. 3) You can override the config path via FEISHU_ENV_FILE — use a secure location if needed. 4) Ensure the Feishu app has the listed permissions and correct available-range so the feature works. 5) If you need maximum security, inspect scripts/feishu_meeting.py yourself or run it in an isolated environment; the script uses standard urllib calls to Feishu endpoints and may fallback to a permissive SSL context only in exceptional sandbox cases (this is uncommon but worth noting).

Like a lobster shell, security has layers — review code before you run it.

latestvk97e6pyfj2wwxkz3gk82abkx59841756

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📞 Clawdis
Binspython3
EnvFEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_USER_OPEN_ID
Primary envFEISHU_APP_ID

Comments