Feishu Bitable Tasker
v0.1.0基于飞书知识库多维表格和文档能力的任务管理技能。提供创建任务、创建任务关联文档、修改任务状态等功能,可与外部工具灵活集成。
⭐ 0· 102·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim a Feishu multi-dimensional table (Bitable) + wiki/doc integration. The included scripts implement exactly that (Feishu API client, table/field management, task creation, wiki node creation). No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md confines actions to the skill directory, instructs to create/read config/*.json, and to run the provided node scripts. The runtime instructions ask the agent to collect App ID/App Secret from the user and write them into config files — this is appropriate for authenticating to Feishu. The instructions do not direct the agent to read unrelated host files or send data to external endpoints besides official Feishu endpoints (open.feishu.cn / feishu.cn).
Install Mechanism
No install spec / downloads are present and the repository is instruction+script only. All code uses Node.js built-ins (https, fs) and there is no external package install or remote archive download. Risk from installation is low; scripts run locally.
Credentials
The skill requires Feishu app credentials (App ID + App Secret) obtained from the user and stored in config/*.json under the skill directory — this is proportional to the stated purpose. Note: credentials are stored on disk in plain JSON and the validator prints a partial token to stdout; protect config files and avoid committing them to VCS.
Persistence & Privilege
always:false and normal autonomous invocation settings. The skill only writes/reads its own config/ files and does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: it needs a Feishu App ID and App Secret so it can call the official Feishu APIs to create records and wiki/doc nodes. Before installing or using it: 1) Verify the source — registry metadata shows 'Source: unknown'; inspect the included scripts yourself or install only from a trusted repository. 2) Be prepared to grant the Feishu application 'manage' permissions on the specific knowledge-base table as documented — that is necessary for creating child documents but is elevated, so add the app only to the intended table/node. 3) The skill will store App ID/App Secret in config/credentials.json under the skill directory; do not commit that file to version control and restrict filesystem access. 4) The validator will create test records and wiki nodes in your Feishu space during setup — expect test data and remove it manually if desired. 5) If you need higher assurance, review the full scripts (feishu-client.js, task-manager.js, admin.js, validate.js) to confirm there are no network destinations beyond open.feishu.cn / feishu.cn and that logging behavior is acceptable.Like a lobster shell, security has layers — review code before you run it.
latestvk977rfdjnzn548fg6fym7h9gk183bn3q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.