ClawHub

Feishu Reading Task

v1.0.0

飞书待阅读任务自动创建技能。当用户说"加到待阅读任务"、"加入待读"、"mark as reading"等时, 自动根据当前对话人员创建飞书任务,并挂到该人员的待阅读清单中。 **触发词:** "加到待阅读任务"、"加入待读清单"、"mark as reading"、"待阅读"、"稍后阅读" **使用方式:**...

0· 63·1 current·1 all-time
by@partigle
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (create a 'to-read' Feishu task from conversation context) matches the included script and SKILL.md. The code builds a task payload and SKILL.md instructs calling a Feishu task creation tool (feishu_task_task), which is coherent for this purpose.
Instruction Scope
Runtime instructions are narrowly scoped: detect trigger phrases, extract sender_id and content, call the Feishu task creation API, and append an entry to memory/YYYY-MM-DD.md. These actions are within the stated purpose. Note: the SKILL.md expects an external 'feishu_task_task' API/tool to perform the actual network call; the included script only emits the payload.
Install Mechanism
Instruction-only skill with a small helper script; there is no install spec, no downloads, and no archive extraction. Risk from install mechanisms is minimal.
Credentials
The skill declares no required environment variables or credentials, which is reasonable if the hosting platform provides Feishu integration. The script's docstring mentions an optional FEISHU_USER_OPEN_ID env var, but the script does not read it — a minor inconsistency. If the platform does not provide Feishu credentials/tools, the skill as-is cannot complete the API call.
Persistence & Privilege
The skill does not request elevated persistence (always: false). It writes to a memory/YYYY-MM-DD.md file as part of normal operation, which is expected for a record/assistant memory and is within scope.
Assessment
This skill appears to do what it says: extract sender_id and content, build a Feishu task payload, and record the action in a local memory file. Before installing, confirm: (1) your agent platform provides the feishu_task_task integration or Feishu credentials — otherwise the payload printed by the script won't be sent; (2) you are comfortable that the skill will write entries to memory/YYYY-MM-DD.md (privacy of stored links/content); and (3) the minor doc inconsistency (mention of FEISHU_USER_OPEN_ID env var that the script does not actually read) is acceptable. If you need the skill to perform the API call directly, request or review an implementation that uses the platform's authenticated Feishu API (and verifies where credentials are stored).

Like a lobster shell, security has layers — review code before you run it.

latestvk97bt16578xcbmcrrm55m5yvpn83mtps

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments