Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Voice Skill

v1.0.1

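Converts text to speech with Edge TTS and sends it to Feishu. Supports sending voice only, or text and voice together. Configured through environment variables, with no hard-coded credentials; completely free, no API key required. Trigger words: 飞书语音 (Feishu voice), 发语音 (send voice), feishu voice, 语音发送 (voice sending), 文字转语音 (text to speech)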

Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to convert text to speech and send to Feishu, which legitimately needs FEISHU_APP_ID and FEISHU_APP_SECRET. However the registry metadata lists no required environment variables or primary credential even though both the SKILL.md and the shipped scripts require FEISHU_APP_ID and FEISHU_APP_SECRET. That omission is an incoherence between claimed requirements and actual capabilities.
Instruction Scope
The SKILL.md and scripts stay within the stated purpose: they run edge-tts + ffmpeg locally, then call Feishu open APIs (https://open.feishu.cn) to upload and send audio. They create temporary files and use curl/python to parse responses. They do not read unrelated system files or attempt to access other credentials. Note: text is sent to an external TTS provider (edge-tts/Microsoft services) and to Feishu APIs — users should be aware their message content is transmitted externally.
Install Mechanism
There is no automated install spec (instruction-only plus two shell scripts). Dependencies are typical (edge-tts via pip, ffmpeg). No remote downloads or archive extraction are performed by the skill itself, which reduces install-time risk.
Credentials
The code requires sensitive environment variables (FEISHU_APP_ID and FEISHU_APP_SECRET) to obtain a tenant access token. Those credentials are appropriate for Feishu integration, but the registry metadata fails to declare them. This mismatch could lead users to install/run the skill without realizing they must provide secrets. The skill will transmit provided text to external services (TTS + Feishu) — disclose this to data owners and use least-privilege credentials.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills or system-wide agent settings. It only runs scripts when invoked.
What to consider before installing
This skill's behavior (sending TTS to Feishu) matches its code, but the registry metadata incorrectly omits required environment variables. Before installing:
  1. do not use high-privilege or production Feishu credentials — create a dedicated app/account with minimal scopes and test there;
  2. confirm you are comfortable that message text will be sent to external TTS services (edge-tts/Microsoft) and to Feishu;
  3. verify the publisher's project URL (https://github.com/Mayiv-Ai/feishu-voice) and confirm the repo matches the packaged scripts;
  4. request the publisher to update the registry metadata to declare FEISHU_APP_ID and FEISHU_APP_SECRET (and any other env vars) so required secrets are visible up front;
  5. consider running the scripts in a sandboxed environment first.
The code itself shows no obvious exfiltration beyond the described APIs, but the metadata omission is a practical security/usability concern.
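
A heuristic check for the metadata mismatch described above, added here as an example (it is not the skill's or ClawHub's code): it lists upper-case variables that a skill's shell scripts expand but never assign, minus the names the metadata declares. The sample script is constructed, and the declared names are assumed to have been extracted from the registry metadata already and passed in as a space-separated string.

```shell
#!/bin/sh
# Added example (heuristic): report environment variables that a skill's
# shell scripts read but that its registry metadata does not declare.

# undeclared_env DECLARED SCRIPT...
#   DECLARED is a space-separated list of declared names (may be empty).
#   Assumption: the caller has already extracted it from the metadata.
undeclared_env() {
    declared=$1; shift
    # Upper-case names expanded as $NAME or ${NAME...}.
    refs=$(grep -ohE '\$\{?[A-Z][A-Z0-9_]*' "$@" | tr -d '${' | sort -u)
    [ -n "$refs" ] || return 0
    # Names the scripts assign themselves are treated as locals, not inputs.
    locals=$(grep -ohE '(^|[[:space:];])[A-Z][A-Z0-9_]*=' "$@" | tr -d ' \t;=' | sort -u)
    # Common shell variables are ignored as well.
    known=$(printf '%s\n' $declared $locals HOME PATH PWD TMPDIR USER | sort -u)
    printf '%s\n' "$refs" | grep -vxF -e "$known" || true
}

# write_sample: create a constructed sender script (not the skill's real
# script) and print its path.
write_sample() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
#!/bin/sh
TEXT="$1"
RECEIVE_ID="${2:-$FEISHU_RECEIVE_ID}"
OUT="${TMPDIR:-/tmp}/voice.opus"
BODY="{\"app_id\":\"$FEISHU_APP_ID\",\"app_secret\":\"$FEISHU_APP_SECRET\"}"
EOF
    printf '%s\n' "$f"
}

sample=$(write_sample)
echo "Undeclared with empty metadata:"
undeclared_env "" "$sample"
echo "Undeclared once all three are declared:"
undeclared_env "FEISHU_APP_ID FEISHU_APP_SECRET FEISHU_RECEIVE_ID" "$sample"
rm -f "$sample"
```

A variable that a script both reads from the environment and reassigns under the same name is counted as a local, so treat an empty result as a prompt to read the scripts, not as proof that nothing is undeclared.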


Latest: v1.0.1, 2 versions, 80 downloads, 0 stars, updated 2w ago, license MIT-0

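Feishu Voice: Feishu voice message tool

Uses Edge TTS to convert text to speech and sends it straight to Feishu. No API key required, completely free. Credentials are passed through environment variables and are not hard-coded.

Dependencies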

  • edge-tts — Microsoft Edge TTS
  • ffmpeg — audio format conversion (mp3 → opus)
  • curl / python3

Install:

pip install edge-tts
# ffmpeg: apt install ffmpeg or brew install ffmpeg

Configuration (environment variables)

export FEISHU_APP_ID="cli_xxxxxx"
export FEISHU_APP_SECRET="xxxxxxxx"
export FEISHU_RECEIVE_ID="ou_xxxxx"   # or use a group chat

Usage

1. feishu-voice-send.sh (voice only)

./feishu-voice-send.sh "你好,这是语音消息"
./feishu-voice-send.sh "你好" "ou_xxxxx" "zh-CN-YunxiNeural"

Available Chinese voices:

Voice                   Description
zh-CN-XiaoxiaoNeural    Female voice (Xiaoxiao)
zh-CN-YunxiNeural       Male voice (Yunxi)
zh-CN-XiaoyiNeural      Female voice (Xiaoyi)
zh-CN-YunyangNeural     Male voice (Yunyang)

2. feishu-send.sh (text and voice sent together)

./feishu-send.sh "详细文字内容..." "语音摘要,三句以内"

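How it works

Text → Edge TTS → MP3 → FFmpeg (opus) → Feishu file upload → audio message
  1. Edge TTS converts the text to MP3 (free, no API key required)
  2. FFmpeg converts the MP3 to the OPUS format that Feishu requires
  3. The file is uploaded to Feishu to obtain a file_key
  4. The audio message is sent

Security notes

  • Credentials are passed through environment variables and are not hard-coded
  • Suitable for CI/CD and production environments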

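Community group

👉 Click to join the Feishu community group

Permanent invite link. After joining you can take part in discussions, ask questions and receive update notifications.

Project URL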

https://github.com/Mayiv-Ai/feishu-voice
