Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MiniMax Feishu Music

v1.4.0

Generate themed music with lyrics using MiniMax music-2.6 and send as a high-quality MP3 audio attachment to a Feishu user.

by xRay @raydoomed
Security Scan
Capability signals
Crypto · Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (generate music and send to Feishu) aligns with the included script and APIs (MiniMax and Feishu). The skill legitimately needs a MiniMax API key (documented in music_config.json) and some way to send to Feishu. However, the script reads ~/.openclaw/openclaw.json to extract Feishu app_id/app_secret even though SKILL.md does not document needing or creating that file; this is an unexplained requirement.
[!] Instruction Scope
SKILL.md documents creating music_config.json and running the script, and mentions using openclaw to send the file. It does NOT mention that the script will read ~/.openclaw/openclaw.json to extract Feishu app credentials and call Feishu's token endpoint. The code therefore accesses additional local config/credentials that are not declared in the instructions — scope creep and a surprise to users.
Install Mechanism
No install spec; this is an instruction-only skill with a helper script. Nothing is written to disk by an installer. The script does write generated MP3s to ~/.openclaw/workspace/songs (expected for workspace artifacts).
[!] Credentials
The skill documents the MiniMax API key in music_config.json (proportionate). It does not document or declare access to OpenClaw's main config (~/.openclaw/openclaw.json), which the script reads to extract Feishu appId/appSecret. Requesting those credentials is potentially reasonable for sending messages, but the absence of any mention in SKILL.md is an unexplained and disproportionate access to local credentials. Additionally, the script retrieves a Feishu tenant token but then uses the openclaw CLI to send the message, making the direct credential access redundant and suspicious (could be accidental or a code smell).
Persistence & Privilege
Skill does not request always:true, has no install step that modifies other skills, and does not persist new agent-wide configuration. It writes output files to the user's workspace only (expected).
What to consider before installing
This skill's purpose (generate music and send to Feishu) is reasonable, but the helper script reads your OpenClaw config (~/.openclaw/openclaw.json) to pull Feishu app_id/app_secret without documenting that behavior — that file may contain sensitive credentials. Before installing or running:

  1) verify the author/source (unknown here);
  2) inspect ~/.openclaw/openclaw.json to confirm what secrets are stored and whether you want them accessed;
  3) consider running the script in an isolated environment or sandbox;
  4) ask the maintainer why the script fetches Feishu credentials directly (the script also calls openclaw CLI to send the file, so direct credential use looks redundant and may be a bug); and
  5) if you don't want the skill to access your OpenClaw credentials, modify the script to rely solely on the openclaw CLI or explicitly document and approve the credential use.

If you cannot validate the source or reason for the extra access, avoid installing or running this skill with real credentials.
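
An added example, not part of the scan report or the skill's own code: one way to automate the comparison the report makes by hand, flagging file paths and credential-like key names that a helper script references but SKILL.md never mentions. The SKILL.md excerpt and script below are constructed stand-ins, the "appSecret" key name follows the report's wording and is an assumption about the config layout, and the function names are hypothetical.

```python
import ast
import re

# Constructed stand-ins for illustration; NOT the skill's real SKILL.md or script.
SAMPLE_SKILL_MD = """\
Create ~/.openclaw/workspace/skills/minimax-feishu-music/music_config.json:
{ "api_key": "YOUR_MINIMAX_API_KEY" }
Generated MP3s are written to ~/.openclaw/workspace/songs
"""
SAMPLE_SCRIPT = '''\
import json, os
SKILL_DIR = "~/.openclaw/workspace/skills/minimax-feishu-music"
cfg = json.load(open(os.path.expanduser(SKILL_DIR + "/music_config.json")))
api_key = cfg["api_key"]
main_cfg = json.load(open(os.path.expanduser("~/.openclaw/openclaw.json")))
app_secret = main_cfg["appSecret"]  # key name is an assumption
out_dir = os.path.expanduser("~/.openclaw/workspace/songs")
'''

PATH_RE = re.compile(r"^[~/][\w.\-/]+$")  # home-relative or absolute path
CRED_RE = re.compile(r"secret|token|api_?key|app_?id|passw", re.I)


def classify(text):
    """Label a string literal as a path, a credential-like key name, or None."""
    if PATH_RE.match(text):
        return "path"
    if text.isidentifier() and CRED_RE.search(text):
        return "credential-key"
    return None


def undeclared_access(skill_md, script_source):
    """List (line, kind, literal) for sensitive literals SKILL.md never mentions.

    A literal counts as declared when it occurs verbatim in the documentation,
    so a base directory or filename fragment of a documented path passes.
    """
    findings = set()
    for node in ast.walk(ast.parse(script_source)):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            kind = classify(node.value)
            if kind and node.value not in skill_md:
                findings.add((node.lineno, kind, node.value))
    return sorted(findings)


if __name__ == "__main__":
    for line, kind, literal in undeclared_access(SAMPLE_SKILL_MD, SAMPLE_SCRIPT):
        print(f"line {line}: undeclared {kind}: {literal}")
```

The check only sees string literals, so paths assembled at runtime from environment variables or user input still need a manual read of the script.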

Like a lobster shell, security has layers — review code before you run it.

94 downloads · 0 stars · 10 versions · Updated 1w ago · MIT-0

MiniMax Music Generation

Generate music using MiniMax music-2.6 (text-to-music) or music-cover (cover/lyrics-swap) model and send as Feishu MP3 attachment.

Two Generation Modes

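1. Text-to-Music (music-2.6): generate from scratch

Generates a brand-new song from prompt + lyrics.

2. Cover (music-cover): keep the melody, replace the lyrics

Upload a reference audio file; the original melody and structure are kept and only the lyrics are replaced. Suitable for correcting lyrics while keeping the style of the original.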

Setup

Configure music_config.json

Create ~/.openclaw/workspace/skills/minimax-feishu-music/music_config.json:

{
  "api_key": "YOUR_MINIMAX_API_KEY"
}

Lyrics Structure Tags

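lyrics uses \n to separate lines and supports the following structure tags:

| Tag | Meaning | Purpose |
|---|---|---|
| [Intro] | Intro | Opens the song and introduces the theme |
| [Verse] | Verse | Narrative part that tells the story |
| [Pre Chorus] | Pre-chorus | Transition from verse to chorus |
| [Chorus] | Chorus | Climax, where the melody is most prominent |
| [Interlude] | Interlude | Instrumental transition in the middle of the song |
| [Bridge] | Bridge | Breaks the repetition and adds depth |
| [Outro] | Outro | Ending of the song, fading out |
| [Post Chorus] | Post-chorus | Chorus variant after the verse |
| [Transition] | Transition | Transition between sections |
| [Break] | Pause | Sudden silence for dramatic effect |
| [Hook] | Hook | The catchiest melody or lyric |
| [Build Up] | Crescendo | Gradually builds energy toward the climax |
| [Inst] | Instrumental | Instrumental, no vocals |
| [Solo] | Solo | Instrumental solo section |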

Song Structure

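The song structure is determined by the content of the lyrics and their emotional pacing, not chosen from a fixed type. Decide as follows:

  • Strongly narrative lyrics (storytelling) → mostly [Verse] + [Chorus]
  • Strong emotional progression → add [Pre Chorus] [Build Up] [Break]
  • Instrumental showcase needed → add [Interlude] [Solo]
  • Strong emotional impact → add [Hook] [Bridge] [Post Chorus]
  • Natural ending → finish with [Outro]; abrupt cut-off → [Break]

When the user asks for the "full version" (完整版), default to the complete structure containing all tags, but tags may be added or removed to fit the lyrics, whichever suits the song best.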

Quick Use

Generate from scratch (music-2.6)

python3 ~/.openclaw/workspace/skills/minimax-feishu-music/skill-scripts/send_feishu_music.py \
  --prompt "<music style description>" \
  --lyrics "<lyrics>" \
  --title "<filename.mp3>" \
  <Feishu user's open_id>

Cover mode (music-cover): keep the melody, replace the lyrics

python3 ~/.openclaw/workspace/skills/minimax-feishu-music/skill-scripts/send_feishu_music.py \
  --cover "<path to reference audio file>" \
  --prompt "<target music style description>" \
  --lyrics "<new lyrics>" \
  --title "<filename.mp3>" \
  <Feishu user's open_id>

Cover example:

python3 ~/.openclaw/workspace/skills/minimax-feishu-music/skill-scripts/send_feishu_music.py \
  --cover "/Users/ray/.openclaw/workspace/songs/original_song.mp3" \
  --prompt "轻柔抒情流行,温柔女声,慢节奏" \
  --lyrics "[Intro]
(Ooh-ooh)
(Yeah)
[Verse]
黄昏的咖啡店门口
风铃轻轻摇晃
你从远处走来
Smiling face, so beautiful
[Pre Chorus]
心跳突然加速
想说的话在嘴边
[Chorus]
风吹过街角
带走了沉默
你是我最想留住的温度
Be with you, always
[Outro]
就这样一直唱下去
唱到我们都老去" \
  --title "cover_song.mp3" \
  "<open_id>"

API Parameters

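| Parameter | Description |
|---|---|
| model | music-2.6 / music-cover |
| prompt | Music style description (required in cover mode, 10-300 characters) |
| lyrics | Lyrics; lines must be separated with \n, and tags start with a capital letter |
| --cover | Path to the reference audio file (cover mode only; the script handles base64 automatically) |
| audio_setting.format | Fixed to mp3 |
| audio_setting.sample_rate | 44100 |
| audio_setting.bitrate | 256000 |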
