ClawHub

Feishu Cards

v1.0.0

Send customizable interactive Feishu cards with titles, content, buttons, and color templates via Feishu Open API for users or group chats.

0· 451·6 current·6 all-time
bySeeTheRainBow@seetherianbow
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md and the two Python modules all consistently implement Feishu card construction and sending. The required capabilities (HTTP requests to Feishu APIs) match the stated purpose. However the repository includes a hard-coded APP_ID and APP_SECRET used as defaults, which is surprising because the registry metadata lists no primary credential and the SKILL.md only describes optional env vars. That mismatch is noteworthy.
Instruction Scope
SKILL.md and the code instruct the agent to build and POST Feishu interactive card JSON to Feishu endpoints. The runtime instructions do not tell the agent to read arbitrary user files or other unrelated environment variables, nor to transmit local data to unknown third-party endpoints. Button callbacks may open external URLs (the simple sender builds example.com links), and SKILL.md warns that a callback server is needed for full interactivity.
Install Mechanism
There is no install spec that downloads external artifacts; this is effectively instruction + included source code. No external archives or installers are fetched during install, lowering installation risk.
!
Credentials
SKILL.md documents two optional environment variables (FEISHU_APP_ID and FEISHU_APP_SECRET). But feishu_card_sender.py contains hard-coded defaults (APP_ID and APP_SECRET values embedded in source). That creates a hidden credential default: if the user does not set env vars, the skill will use the embedded credentials to call Feishu on the user's behalf. The registry metadata did not declare a primary credential. Hard-coded secrets in published code are a security and provenance concern and may result in unexpected message sending under someone else's app.
Persistence & Privilege
Skill is not always:true and does not request persistent system-wide configuration changes. It doesn't modify other skills or agent-wide settings and has no special OS privileges.
What to consider before installing
This skill appears to do what it says (send Feishu interactive cards) but it includes an embedded FEISHU_APP_ID and FEISHU_APP_SECRET in the source. Before installing, do the following: 1) Treat the embedded secret as a red flag — ask the publisher who owns that app/secret and whether it's intended for public use. 2) Prefer to set your own FEISHU_APP_ID and FEISHU_APP_SECRET in environment variables; do not rely on the embedded defaults. 3) If you cannot verify the embedded credentials' owner, remove or overwrite them in the code before use. 4) Audit button URLs and any callback server you configure to avoid linking to malicious endpoints. 5) Consider running the sender in a sandbox or test Feishu account first to observe behavior. If you need help verifying the origin of the credentials or modifying the code to remove defaults, get developer assistance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fwcssj30fsd4sbgezaywycs826jy7
451downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
SeeTheRainBow@seetherianbow
latest
Download

Feishu Cards

Send interactive cards to Feishu (飞书) directly via Feishu Open API.

When to Use

  • User wants to send rich interactive messages in Feishu
  • Need buttons, forms, or dropdown menus in messages
  • Want beautifully formatted messages with colors

Installation

clawhub install feishu-cards

Usage

CLI

# Basic card
feishu-cards --to "ou_xxx" --title "标题" --content "内容"

# With buttons
feishu-cards --to "ou_xxx" --title "任务" --content "有新任务" --buttons "处理,稍后"

# Custom color
feishu-cards --to "ou_xxx" --title "警告" --content "注意" --template "red"

# To chat
feishu-cards --to "oc_xxx" --type "chat_id" --title "群通知" --content "大家好"

As Python Module

from feishu_card_sender import FeishuCardSender

sender = FeishuCardSender()
result = sender.send(
    recipient_id="ou_xxx",
    title="任务提醒",
    content="你有一个新任务",
    buttons=["立即处理", "稍后提醒"],
    template="blue"
)

Options

FlagDescriptionDefault
--toRecipient ID (user or chat)Required
--typeID type: open_id, user_id, chat_idopen_id
--titleCard titleRequired
--contentCard content textRequired
--buttonsComma-separated buttonsNone
--templateColor: blue, green, red, yellow, greyblue
--noteOptional noteNone

Card Elements

  • Header - Title with color template
  • Content - Main text (plain text format)
  • Buttons - Interactive buttons (primary/default types)
  • Note - Additional info with icon

Button Types

  • primary - Blue button (first button)
  • default - Gray button (other buttons)

Examples

Task Notification

python3 feishu_card_sender.py \
  --to "ou_9d00de9a95a2fb69c425f0a39930c67a" \
  --title "📋 任务通知" \
  --content "你有一个新任务待处理" \
  --buttons "立即处理,稍后提醒" \
  --template "blue"

Alert Card

python3 feishu_card_sender.py \
  --to "ou_xxx" \
  --title "⚠️ 警告" \
  --content "账户存在异常登录" \
  --template "red" \
  --buttons "查看详情"

Requirements

  • Python 3.7+
  • requests library

Install: pip install requests

Configuration

Credentials are read from environment variables (optional):

  • FEISHU_APP_ID
  • FEISHU_APP_SECRET

Defaults to OpenClaw's configured Feishu app.

Notes

  • Cards work in Direct Messages and group chats
  • Buttons open URLs (configure your callback server for full interactivity)
  • Maximum card size: 45KB

Made for ClawHub

Comments

Loading comments...