Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Toolkit

Complete Feishu (Lark) integration toolkit for AI agents. Read/write documents, fetch chat history, send files & screenshots, manage permissions, and create...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 294 · 1 current installs · 1 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the SKILL.md: it uses Feishu APIs to read/write Docs/Sheets/Wiki, fetch IM history, upload/send files, manage permissions, and create reminders—these all legitimately require a Feishu app ID/secret and API calls. However, the registry metadata lists no required environment variables or primary credential while the SKILL.md explicitly asks for FEISHU_APP_ID and FEISHU_APP_SECRET. Also the skill includes platform-specific behavior (macOS screenshot) which is not mentioned in registry metadata.
Instruction Scope
Most instructions are explicit REST/API calls to Feishu endpoints (expected). Concerns:

  1. The screenshot flow runs a local 'screencapture' command on macOS and writes a file in $TMPDIR — this reads the user's screen and local filesystem and could capture sensitive information.
  2. The 'cron add' example references a 'cron' CLI with flags (--session, --system-event) but never explains what tool provides this command or where scheduled tasks run; that ambiguity could allow persistent or background actions beyond the user's intent.
  3. SKILL.md tells the agent to use tenant access tokens (normal) but gives the agent instructions that, if executed autonomously, will access local resources and schedule recurring messages.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written by an installer. That minimizes installation-time risk. Runtime actions (API calls, local screencapture) remain possible if the agent follows the instructions.
Credentials
The SKILL.md legitimately requires FEISHU_APP_ID and FEISHU_APP_SECRET (sensitive credentials) which are proportional to the stated Feishu integration. However, the registry metadata did not declare any required env vars or a primary credential — this mismatch reduces transparency and is a red flag. The app secret grants API access and should only be provided if you trust the skill and runtime environment; it should also be scoped to the minimum permissions needed.
Persistence & Privilege
The skill is not always-enabled (always:false) and does not request system-wide configuration changes in the manifest. That said, the 'cron' scheduling behavior could enable persistent scheduled actions if the agent or runtime executes it; the skill does not explain whether scheduling is local to the agent runtime or managed elsewhere, so confirm how scheduled tasks are implemented before granting broad permissions.
Scan Findings in Context
[no_regex_findings] expected: The static scanner found nothing because this is an instruction-only skill (only SKILL.md present). That absence of findings is not evidence of safety; the SKILL.md itself is the primary runtime surface to review.
What to consider before installing
Before installing or providing secrets:

  1. Ask the publisher for a source repo or homepage and request that registry metadata be updated to declare FEISHU_APP_ID and FEISHU_APP_SECRET so requirements are transparent.
  2. Only create a Feishu app with the minimum required scopes and consider using an app/account limited to a test workspace.
  3. Confirm what the 'cron' command refers to and where scheduled tasks run—do not allow hidden background scheduling without understanding the runtime.
  4. The screenshot step uses macOS 'screencapture' and will capture local screen contents; avoid running that on machines with sensitive data unless you trust the skill and runtime.
  5. If you decide to proceed, store credentials in a revocable way and plan to rotate/revoke the FEISHU_APP_SECRET if you uninstall the skill or if anything suspicious occurs.
  6. If you cannot verify the publisher or the missing metadata is not corrected, treat this skill as untrusted and avoid installing it in production or on machines with sensitive information.
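
The mismatch described in the scan (credentials named in SKILL.md but not declared in registry metadata, plus instructions that run local commands) can be checked mechanically before installing. This is an added example, not ClawHub's or OpenClaw's scanner; `audit_skill`, the regexes, and the sample excerpt are assumptions constructed for illustration.

```python
import re

# Constructed excerpt standing in for an instruction-only SKILL.md (not the full file).
SAMPLE_SKILL_MD = """\
3. Set FEISHU_APP_ID and FEISHU_APP_SECRET environment variables
SCREENSHOT_PATH="$TMPDIR/screenshot_$(date +%s).png"
screencapture -x "$SCREENSHOT_PATH"
cron add \\
  --name "<task_name>" \\
  --every "<interval>" \\
  --session main
"""

# Upper-case identifiers ending in a credential-like suffix (assumed heuristic).
CRED_RE = re.compile(
    r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)*_(?:SECRET|TOKEN|KEY|PASSWORD|APP_ID)\b"
)

# Local actions the scan report called out; patterns are an assumed rule set.
LOCAL_ACTIONS = {
    "screen capture": re.compile(r"^\s*screencapture\b", re.M),
    "task scheduling": re.compile(r"^\s*cron\s+(?:add|edit|run)\b", re.M),
}

def audit_skill(skill_md, declared_env):
    """Return credential names SKILL.md uses but metadata omits, and local actions."""
    referenced = set(CRED_RE.findall(skill_md))
    return {
        "undeclared_credentials": sorted(referenced - set(declared_env)),
        "local_actions": sorted(
            name for name, rx in LOCAL_ACTIONS.items() if rx.search(skill_md)
        ),
    }

if __name__ == "__main__":
    # Per the scan report, the registry metadata declared no environment variables.
    print(audit_skill(SAMPLE_SKILL_MD, declared_env=[]))
```

An empty result from a check like this only means none of these patterns matched; the SKILL.md text still needs a manual read.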


Current version: v1.0.0

SKILL.md

Feishu Toolkit (飞书工具箱)

A comprehensive Feishu (Lark) integration skill for AI agents. Covers 6 major capabilities:

  1. 📄 Document Operations — Read, create, write, and append Feishu Docs, Sheets, Bitable, Wiki
  2. 💬 Chat History — Fetch and summarize group chat messages
  3. 📎 File Sending — Upload and send files to Feishu chats via REST API
  4. 📸 Screenshot — Capture macOS screenshots and send to Feishu
  5. 🔐 Permission Management — List, add, remove document collaborators
  6. ⏰ Cron Reminders — Create scheduled recurring reminders to Feishu chats

Prerequisites

Feishu App Setup

  1. Go to Feishu Open Platform and create an app
  2. Enable required permissions:
    • im:message:send_as_bot — Send messages
    • im:resource — Upload files/images
    • docx:document — Read/write documents
    • drive:permission — Manage permissions (optional)
  3. Set FEISHU_APP_ID and FEISHU_APP_SECRET environment variables

Authentication

All API calls use Feishu's tenant access token:

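import requests

def get_tenant_token(app_id, app_secret):
    # Exchange the app credentials for a short-lived tenant access token
    r = requests.post(
        'https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal',
        json={'app_id': app_id, 'app_secret': app_secret},
        timeout=10,  # do not hang the agent on a stalled connection
    )
    r.raise_for_status()
    body = r.json()
    if body.get('code') != 0:  # Feishu reports API errors in the JSON body
        raise RuntimeError(f"token request failed: {body.get('msg')}")
    return body['tenant_access_token']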

1. Document Operations (Read/Write/Create/Append)

Read a Document

# Fetch document content as Markdown
# Supports: doc, docx, sheet, bitable, wiki
GET /open-apis/docx/v1/documents/{document_id}/raw_content

Create a Document

POST /open-apis/docx/v1/documents
Body: {"title": "My Document"}

Write (Overwrite) a Document

# Overwrite entire document content with Markdown
POST /open-apis/docx/v1/documents/{document_id}/blocks/batch_update

Append Content (Long Documents)

For documents exceeding LLM output limits:

  1. Create the document first to get a doc_token
  2. Chunk content into logical sections
  3. Append each chunk sequentially
  4. Do NOT try to write the entire document in one call if it is very long

Wiki URL Resolution

Wiki URLs need to be resolved to actual document tokens first:

POST /open-apis/wiki/v2/spaces/get_node
Body: {"token": "wiki_token"}
# Returns the actual doc_token and doc_type

2. Chat History

Fetch and summarize messages from a Feishu group chat.

Fetch Messages

# GET /open-apis/im/v1/messages
params = {
    'container_id_type': 'chat',
    'container_id': chat_id,
    'page_size': 50
}

Message Types

| Type | Handling |
| --- | --- |
| text | Extract .body.content JSON → text field |
| interactive | Extract text nodes from elements array |
| image | Note as [图片] |
| system | Filter out unless relevant |

Pagination

If has_more=true, fetch more pages using page_token. Default: 50 messages per page.
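
The pagination loop and the Message Types table combined, as an added example that is not part of the original SKILL.md. `fetch_page` is a hypothetical callable returning the `data` object of one response page, the nested shape of `elements` is an assumption, and the two pages are constructed sample data.

```python
import json

def _text_nodes(node):
    """Yield every string 'text' value inside a nested elements array."""
    if isinstance(node, list):
        for child in node:
            yield from _text_nodes(child)
    elif isinstance(node, dict) and isinstance(node.get("text"), str):
        yield node["text"]

def message_text(item):
    """Map one message item to display text, following the Message Types table."""
    kind = item.get("msg_type")
    if kind == "system":
        return None  # filtered out (this sketch never treats system messages as relevant)
    if kind == "image":
        return "[图片]"
    try:
        content = json.loads(item["body"]["content"])
    except (KeyError, TypeError, ValueError):
        return None  # malformed or missing content: skip instead of crashing
    content = content if isinstance(content, dict) else {}
    if kind == "interactive":
        return " ".join(_text_nodes(content.get("elements", []))) or None
    return content.get("text") if kind == "text" else None

def fetch_all(fetch_page, max_pages=20):
    """Follow has_more/page_token; max_pages bounds a server that never stops paging."""
    texts, token = [], None
    for _ in range(max_pages):
        data = fetch_page(token)
        texts += [t for t in map(message_text, data.get("items", [])) if t]
        token = data.get("page_token")
        if not data.get("has_more") or not token:
            break
    return texts

# Constructed two-page response standing in for GET /open-apis/im/v1/messages.
PAGES = {
    None: {"has_more": True, "page_token": "p2", "items": [
        {"msg_type": "text", "body": {"content": '{"text": "deploy at 5pm"}'}},
        {"msg_type": "system", "body": {"content": '{"template": "joined"}'}}]},
    "p2": {"has_more": False, "items": [
        {"msg_type": "image", "body": {"content": '{"image_key": "img_x"}'}},
        {"msg_type": "interactive", "body": {"content": '{"elements": [[{"tag": "text", "text": "build"}, {"tag": "text", "text": "passed"}]]}'}}]},
}

if __name__ == "__main__":
    print(fetch_all(PAGES.get))
```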


3. File Sending

Send files to Feishu chats via REST API.

Upload File

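# POST /open-apis/im/v1/files
import requests
headers = {'Authorization': f'Bearer {token}'}
data = {'file_type': 'stream', 'file_name': 'filename.ext'}
with open(path, 'rb') as fh:  # context manager closes the handle after the upload
    files = {'file': ('filename.ext', fh, 'application/octet-stream')}
    r = requests.post('https://open.feishu.cn/open-apis/im/v1/files',
                      headers=headers, data=data, files=files, timeout=30)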

Supported file_type: opus, mp4, pdf, doc, xls, ppt, stream (generic)

Send File Message

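# POST /open-apis/im/v1/messages
import json
params = {'receive_id_type': 'chat_id'}  # tells the API how to interpret receive_id
payload = {  # named payload so the json module is not shadowed
    'receive_id': chat_id,
    'msg_type': 'file',
    'content': json.dumps({'file_key': file_key})
}
r = requests.post('https://open.feishu.cn/open-apis/im/v1/messages',
                  headers=headers, params=params, json=payload, timeout=10)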

4. Screenshot & Send

Capture macOS screenshots and send to Feishu.

# 1. Capture screenshot
SCREENSHOT_PATH="$TMPDIR/screenshot_$(date +%s).png"
screencapture -x "$SCREENSHOT_PATH"

# 2. Upload image
# POST /open-apis/im/v1/images
# data: image_type=message, file=screenshot

# 3. Send image message
# POST /open-apis/im/v1/messages
# msg_type: image, content: {"image_key": "..."}

Note: Use $TMPDIR not /tmp on macOS.


5. Permission Management

Manage document/file permissions.

Actions

| Action | Description |
| --- | --- |
| list | List all collaborators |
| add | Add collaborator with permission level |
| remove | Remove a collaborator |

Token Types

doc, docx, sheet, bitable, folder, file, wiki, mindnote

Member Types

email, openid, userid, unionid, openchat, opendepartmentid

Permission Levels

| Level | Description |
| --- | --- |
| view | View only |
| edit | Can edit |
| full_access | Full access (can manage permissions) |

Example: Share document

# POST /open-apis/drive/v1/permissions/{token}/members
params = {'type': 'docx'}
json = {
    'member_type': 'email',
    'member_id': 'user@company.com',
    'perm': 'edit'
}

Note: Permission management is sensitive. Use with caution.


6. Cron Reminders

Create recurring scheduled reminders to Feishu chats.

Before Creating

Always confirm with the user:

  1. Frequency: How often? (e.g., every 10 min, every hour, daily at 9am)
  2. Target: Where to send? (default: current IM conversation)

Template

cron add \
  --name "<task_name>" \
  --every "<interval>" \
  --session main \
  --system-event "[CRON] <task_name>. Send message to Feishu: '<reminder_content>'"

Interval Examples

| Interval | Description |
| --- | --- |
| 1m | Every minute |
| 5m | Every 5 minutes |
| 30m | Every 30 minutes |
| 1h | Every hour |
| */30 * * * * | Cron expression (with --tz) |

Management

cron list          # List all tasks
cron edit <id>     # Edit task
cron rm <id>       # Delete (ask user first!)
cron runs --id <id> # View execution history
cron run <id>      # Manual trigger

API Reference

| API | Method | Path |
| --- | --- | --- |
| Tenant Token | POST | /auth/v3/tenant_access_token/internal |
| Read Document | GET | /docx/v1/documents/{id}/raw_content |
| Create Document | POST | /docx/v1/documents |
| Send Message | POST | /im/v1/messages |
| Upload File | POST | /im/v1/files |
| Upload Image | POST | /im/v1/images |
| List Messages | GET | /im/v1/messages |
| Manage Permissions | POST | /drive/v1/permissions/{token}/members |
| Resolve Wiki | POST | /wiki/v2/spaces/get_node |

Base URL: https://open.feishu.cn/open-apis


Notes

  • All APIs require tenant_access_token in the Authorization header
  • File upload uses multipart/form-data
  • Message sending uses application/json
  • Bot can only download files it uploaded itself
  • For detailed API docs, visit: https://open.feishu.cn/document
