Feishu Send Message
v1.0.5Send messages via Feishu using the current Agent's credentials, supporting private and group chats with independent identity display to solve open_id isolation.
⭐ 0· 95·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description claim to send Feishu messages using an Agent's credentials, and the included send.sh and SKILL.md implement exactly that. One minor mismatch: the README/SKILL.md repeatedly claim 'zero configuration / download-and-run', but the skill actually requires a configured Feishu App (App ID and App Secret) stored in ~/.openclaw/openclaw-{agentId}.json. This is documented in the SKILL.md, but the 'zero configuration' wording can be misleading.
Instruction Scope
Runtime instructions direct the agent (or operator) to read the Agent config file, optionally add hooks to that config, restart a per-user systemd service, and (optionally) inspect journalctl to discover open_id values. These actions are within the stated purpose (hooking the script into the Agent runtime), but they require access to user config, user systemd services, and logs — so enabling automatic hooks grants the script an execution path on message receipt. The script itself performs only token-get and send requests to open.feishu.cn.
Install Mechanism
No install spec; this is instruction-only plus a simple shell script. No downloads or archive extraction are performed by the skill itself.
Credentials
No environment variables or extra credentials are requested by the registry metadata. The script reads App ID and App Secret from the Agent configuration file (~/.openclaw/openclaw-{agentId}.json) — this is proportional to sending messages as the Agent. Be aware that giving the skill access to that config file exposes any secrets stored there (App Secret or other fields). The skill requires jq and curl (declared in clawhub.yaml).
Persistence & Privilege
always:false and model invocation are default. The skill does not force permanent installation. The SKILL.md suggests adding hooks to the Agent config which would enable automatic invocation; that is a user action and not done by the skill itself.
Assessment
This skill appears to do what it says: it reads ~/.openclaw/openclaw-{agentId}.json for a Feishu App ID and App Secret, obtains a tenant token, and posts messages to open.feishu.cn. Before installing or enabling automatic hooks: (1) inspect send.sh (you already have it) and confirm it only calls https://open.feishu.cn and doesn't exfiltrate elsewhere (it doesn't); (2) ensure the Agent config file contains only intended secrets — granting the skill access to that file allows the script to use those credentials; (3) prefer manual invocation first (run ./send.sh) before enabling hooks/automatic restart of services; (4) if you enable hooks, be aware messages may be sent automatically when triggers fire — limit hook scope and review logs; (5) ensure jq and curl are installed and that file permissions on ~/.openclaw/openclaw-{agentId}.json restrict access. If you are unsure about giving the skill access to the Agent config (which holds App Secret), test in an isolated environment or create a Feishu app with limited permissions for testing.Like a lobster shell, security has layers — review code before you run it.
latestvk97ezrexpm0tm8v530dz82kfj9838ctt
License
MIT-0
Free to use, modify, and redistribute. No attribution required.