Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

feishu-team-manager

v2.4.3

Automates recruiting new Agents, configures independent Feishu/Discord bots, and restructures multi-account routing

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for htf0513/feishu-team-manager.

Install the skill "feishu-team-manager" (htf0513/feishu-team-manager) from ClawHub.
Skill page: https://clawhub.ai/htf0513/feishu-team-manager
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: HOME
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install feishu-team-manager

ClawHub CLI

npx clawhub@latest install feishu-team-manager
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code and runtime instructions implement exactly what the skill says: create per-agent workspaces, inject IDENTITY/SOUL/AGENTS files, modify ~/.openclaw/openclaw.json, register an hr_recruiter agent, and restart the OpenClaw gateway. Those capabilities logically belong to a team/agent-management skill. However, the registry metadata shown earlier (Requirements: only HOME, no required binaries) mismatches SKILL.md/_meta.json which declare that 'openclaw' CLI and credentials (LARK_APP_ID/LARK_APP_SECRET, optional DISCORD_BOT_TOKEN) are required — this inconsistency should be clarified before install.
! Instruction Scope
SKILL.md and the scripts instruct the agent to read and modify user config at ~/.openclaw/openclaw.json, create directories under ~/.openclaw, copy files, run 'openclaw agents add', 'openclaw doctor --fix', and 'openclaw gateway restart'. Those actions are within the skill's advertised scope but are high-impact: they change persistent system configuration and restart services. The scripts prompt for confirmation in interactive terminals, but in non-interactive environments the confirmation routine resolves to 'no' (it will not auto-run), so it avoids blind auto-deploy in CI; still, if a user consents, the skill will perform wide-reaching changes. Also the add_discord_config.py provides an option to directly embed tokens into config JSON (discouraged by the script, but still available).
Install Mechanism
There is no network install spec; the skill is distributed with code files (index.js and Python helpers). No remote downloads or archived extracts are present in the install spec. That reduces supply-chain risk compared with remote installers. The included publish.sh / promotional files are informational only.
! Credentials
The skill legitimately needs access to HOME and the OpenClaw CLI and the Feishu/Discord credentials to bind bots. These credentials are sensitive (App Secret / Bot Token). The skill and its scripts will update openclaw.json and create backups; add_discord_config.py defaults to referencing DISCORD_BOT_TOKEN via env (good) but also allows direct embedding of tokens into openclaw.json (risk: secrets may be stored in plaintext in config and backups). The earlier 'Requirements' summary omitted the credentials/binary requirement, an inconsistency that could mislead users about what secrets will be needed.
! Persistence & Privilege
The skill will copy itself into a persistent HR workspace under ~/.openclaw/hr_recruiter_workspace/skills/feishu-team-manager and register an hr_recruiter agent in openclaw.json. That is consistent with the stated feature (a persistent HR agent) but it is a significant persistent change: the skill self-migrates into the user's OpenClaw workspace and registers an agent that holds management privileges. The skill is not force-included platform-wide (always: false), but it does establish a persistent privileged agent within the user's environment.
What to consider before installing
  1. Clarify declared requirements: SKILL.md and _meta.json require the openclaw CLI and Feishu/Discord credentials, but the registry summary omitted those. Confirm you will supply LARK_APP_ID and LARK_APP_SECRET (and DISCORD_BOT_TOKEN if using Discord).
  2. Backup before you run: the skill will modify ~/.openclaw/openclaw.json and may write backups there; make an independent copy of your OpenClaw configuration before consenting to any automated changes.
  3. Prefer environment-variable tokens: add_discord_config.py supports referencing DISCORD_BOT_TOKEN in env (recommended). Avoid using the 'direct token' mode which will embed secrets in openclaw.json (and into backups), exposing tokens to anyone who can read those files.
  4. Review scripts locally: because this skill copies itself into a persistent HR workspace and registers a privileged agent (hr_recruiter), inspect index.js, scripts/add_discord_config.py, and scripts/bind_bot.py to ensure the registration and file-copy behavior matches your security policy.
  5. Run interactively first: the index.js prompts for confirmation in interactive shells; run it in a terminal so you can approve or decline each high-privilege operation. Do not run in automated/non-interactive environments with elevated privileges unless you have reviewed the code.
  6. Principle of least privilege: create/assign dedicated App IDs/secrets or Discord bot tokens with minimum permissions, and rotate them if you later uninstall the skill or change operator personnel.
  7. Audit artifacts after use: check ~/.openclaw/openclaw.json and backup files for any embedded secrets and remove/rotate them if found.

If you want, I can (a) highlight the exact lines in the scripts that write to openclaw.json/backups, (b) point out where tokens could be embedded, or (c) suggest a safer install checklist tailored to your environment.
index.js:44
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Env: HOME
MIT-0

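feishu-team-manager (HR "Big Sister")

A multi-Agent team management Skill for Feishu/Discord. Built on the "Big Sister" recruitment scheme, it implements Agent recruitment, independent Bot binding, and automatic environment adaptation.

Scope: Feishu (primary) | Discord (optional support). Each Agent is bound to its own dedicated bot through independent account-level routing.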

Dependencies

  • OpenClaw >= 2026.3.20
  • The openclaw CLI must be installed on the system and available on PATH

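Routing and Binding Scheme

This Skill uses the "account-level routing" scheme, verified in practice on 2026-04-21, which ensures that each bot has its own identity, avatar, and shortcut commands.

Core Logic

  • Independent identity (Account): each bot corresponds to a separate application on the Feishu Open Platform.
  • Precise mapping (Binding): messages sent by a specific bot are routed to the designated physical workspace via accountId.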

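Skill Structure

feishu-team-manager/
├── index.js              # Install bootstrap and environment adapter (user confirmation, dependency checks, config file backup)
├── SKILL.md              # This document
├── _meta.json            # Metadata and security declarations
├── assets/
│   ├── templates/        # HR Agent identity templates (IDENTITY/SOUL/AGENTS)
│   └── cards/            # Feishu message card templates
├── scripts/
│   ├── recruit_agent.py  # Physical workspace creation and Agent initialization
│   ├── bind_bot.py       # Core config injection, restructures openclaw.json (with self-healing and conflict detection)
│   ├── check_env.py      # Team status inspection
│   └── monitor_usage.py  # Usage monitoring
└── promotion/            # Promotional material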

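Usage

1. Recruiting a new employee

Say directly to "Big Sister": "Recruit an ops Agent and name it Ops Junior".

Execution flow:

  1. Create the ~/.openclaw/agents/{agent_name} working directory
  2. Inject the Agent's own IDENTITY.md / SOUL.md / AGENTS.md
  3. Prompt you to provide the Feishu bot credentials for that employee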

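2. Binding a bot

Say: "Bind a bot for Ops Junior; the App ID is cli_xxx and the Secret is yyy".

Execution flow:

  1. Automatically inject the channels.feishu.accounts configuration
  2. Automatically set the bindings routes
  3. Run openclaw doctor --fix to validate the configuration
  4. Run openclaw gateway restart so the change takes effect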

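3. Installation and first deployment

When this Skill runs for the first time, index.js will:

  1. Dependency check: confirm the openclaw CLI is available and the config file exists
  2. User confirmation: show the list of operations (create workspace, inject identity files, register Agent) and ask whether to continue
  3. Config file backup: automatically generate a backup named in the .bak_[timestamp] format
  4. Deployment: create the HR workspace, copy the skill files, register the Agent
  5. Guidance: prompt you to run openclaw gateway restart so the change takes effect

A backup is made automatically before every operation that modifies openclaw.json, so you can roll back at any time.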

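Security Notes

  • High-privilege operations require confirmation: first deployment, bot binding, and similar operations ask for your consent first in interactive environments
  • Automatic backup: a backup file is generated before every configuration change
  • Conflict interception: binding a bot checks whether the App ID is already in use
  • Configuration validation: openclaw doctor --fix runs automatically after changes to verify integrity
  • Recovery: if you run into problems, restore manually from the backup file ~/.openclaw/openclaw.json.bak_[timestamp]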
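
Because a backup is taken before every change, an App Secret or bot token that was ever written literally into openclaw.json may also persist in the openclaw.json.bak_* files. The following is an added example (not part of the skill's own code) that walks the config and its backups and reports secret-looking keys holding literal values; the `$NAME`/`${NAME}` env-reference syntax, the sample nesting and the backup timestamp are assumptions.

```python
import json, re, tempfile
from pathlib import Path

SECRET_KEY = re.compile(r"secret|token|password", re.I)
# Assumption: an environment reference is written "$NAME" or "${NAME}".
ENV_REF = re.compile(r"^\$\{?[A-Za-z_][A-Za-z0-9_]*\}?$")

def find_plaintext_secrets(node, path=""):
    """Yield JSON paths where a secret-looking key holds a literal string."""
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}" if path else key
            if (isinstance(value, str) and value
                    and SECRET_KEY.search(key) and not ENV_REF.match(value)):
                yield here
            else:
                yield from find_plaintext_secrets(value, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from find_plaintext_secrets(item, f"{path}[{i}]")

def audit_config_dir(config_dir):
    """Audit openclaw.json and every openclaw.json.bak_* file beside it."""
    findings = {}
    for f in sorted(Path(config_dir).glob("openclaw.json*")):
        try:
            hits = list(find_plaintext_secrets(json.loads(f.read_text("utf-8"))))
        except (OSError, ValueError):
            hits = ["<unreadable or not valid JSON>"]
        if f.stat().st_mode & 0o077:  # any group/other permission bit set
            hits.append("<accessible to group/other>")
        if hits:
            findings[f.name] = hits
    return findings

# Constructed sample: the nesting is illustrative, not OpenClaw's real schema.
def _cfg(secret):
    return {"channels": {"feishu": {"accounts": {
        "ops": {"appId": "cli_xxx", "appSecret": secret}}}}}

def demo():
    """Live config references the env; an older backup kept the literal."""
    with tempfile.TemporaryDirectory() as d:
        for name, secret in (("openclaw.json", "${LARK_APP_SECRET}"),
                             ("openclaw.json.bak_20260421", "yyy")):
            p = Path(d, name)
            p.write_text(json.dumps(_cfg(secret)), encoding="utf-8")
            p.chmod(0o600)
        return audit_config_dir(d)
```

Call `audit_config_dir(Path.home() / ".openclaw")` after a bind operation; any path it reports names a credential to rotate and a file to clean up.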

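Notes

  • Existing configuration is preserved: existing appId/appSecret values are left completely untouched
  • dmScope is set automatically: bind_bot.py automatically sets dmPolicy: "open"
  • Gateway restart: service recovers about 10-30 seconds after the restart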

Support the Author

If you find this skill helpful, consider supporting the author's continued development:

  • WeChat reward code<image url="https://gitee.com/noahtao/wordpress-auto-publisher/raw/main/images/wechat_donate.png"/>
  • Alipay<image url="https://gitee.com/noahtao/wordpress-auto-publisher/raw/main/images/alipay_donate.jpg"/>
  • GitHub Sponsors: https://github.com/sponsors/htf0513
  • Custom services: contact via WeChat/email for enterprise-grade customization
