feishu-user

Feishu document operations (User Access Token version). Use user access token for authentication. When you need to read, create, write, or append Feishu docu...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 463 · 1 current installs · 1 all-time installs

byAIWareTop@HackSing

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description (Feishu document operations) match the included code and SKILL.md. The files implement REST calls to Feishu Open API for reading/creating/updating document blocks and token management; nothing in the package asks for resources unrelated to Feishu.

✓

Instruction Scope

SKILL.md instructs the agent to call Feishu APIs, run the included token helper, and read a token cached at ~/.config/claw-feishu-user/config.json. All referenced files, paths, and network endpoints are consistent with the stated purpose; no instructions attempt to read unrelated system files or send data to non-Feishu endpoints.

✓

Install Mechanism

This is an instruction-only skill with two small Python scripts; dependencies are limited to the public requests package (installed via pip). There is no download-from-URL or archive extraction, and no installer that writes arbitrary binaries.

✓

Credentials

The skill does not declare or require environment variables, and it uses app_id/app_secret supplied at runtime (via CLI or parameters) which is appropriate for OAuth flows. It caches tokens to a user config file — expected for a token manager — and does not request unrelated secrets.

ℹ

Persistence & Privilege

The skill writes token state to ~/.config/claw-feishu-user/config.json for caching (normal for a token helper). It does not request always:true nor modify other skills or system-wide settings. Users should be aware tokens are stored in plaintext under the user home directory.

Assessment

This skill appears to do what it says: a Feishu document client plus a token manager. Before installing or running it, consider: (1) the token manager saves access_token and refresh_token to ~/.config/claw-feishu-user/config.json in plaintext — ensure that file's permissions are restricted and you trust the environment; (2) provide your App Secret only on machines you control (don't paste it into shared terminals); (3) the code talks only to official Feishu endpoints (open.feishu.cn / accounts.feishu.cn); (4) if you need stricter secrecy, store tokens in a secrets manager rather than the local config file. Otherwise, the package is internally consistent and proportionate to its purpose.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1

Download zip

latestvk979w00rdy6rpg8x799wa9q3ah81n75c

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Feishishu document operations using useru User

Fe access token authentication. Call Feishu Open API directly via REST API.

Install Dependencies

pip install requests

Quick Start

from feishu_client import FeishuClient

# Initialize client
client = FeishuClient(user_access_token="u-xxx")

Get User Access Token

Step 1: Get App Credentials from Feishu Open Platform

Prepare the following:

APP_ID - App ID (from Feishu Open Platform app settings)
APP_SECRET - App Secret (from Feishu Open Platform app settings)
REDIRECT_URI - Authorization callback URL

Enable these permissions:

docx:document - Document operations
drive:drive.search:readonly - Cloud drive search
search:docs:read - Document search

Step 2: Generate Authorization URL

https://accounts.feishu.cn/open-apis/authen/v1/authorize?client_id={YOUR_APP_ID}&response_type=code&redirect_uri={YOUR_REDIRECT_URI}&scope=docx%3Adocument%20drive%3Adrive.search%3Areadonly%20search%3Adocs%3Aread

Step 3: Exchange for Token

curl -X POST "https://open.feishu.cn/open-apis/authen/v1/access_token" \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "authorization_code",
    "code": "{YOUR_CODE}",
    "app_id": "{YOUR_APP_ID}",
    "app_secret": "{YOUR_APP_SECRET}"
  }'

The returned access_token is your user_access_token.

Usage Examples

from feishu_client import FeishuClient

# Initialize
client = FeishuClient(user_access_token="u-xxx")

# Read document
content = client.read_doc("doc_token")
print(content)

# Create document
new_token = client.create_doc("My New Document")
print(f"New document: {new_token}")

# Write document
client.write_doc("doc_token", "# Title\n\nContent")

# Append content
client.append_doc("doc_token", "## New Section\n\nMore content")

# List all blocks
blocks = client.list_blocks("doc_token")
for block in blocks:
    print(block)

# Get specific block
block = client.get_block("doc_token", "block_id")

# Update block
client.update_block("doc_token", "block_id", "New content")

# Delete block
client.delete_block("doc_token", "block_id")

Convenience Functions

Don't want to create a client? Use functions directly:

from feishu_client import read_document, create_document, write_document, append_document

# Read
content = read_document("doc_token", user_access_token="u-xxx")

# Create
new_token = create_document("Title", user_access_token="u-xxx")

# Write
write_document("doc_token", "# Content", user_access_token="u-xxx")

# Append
append_document("doc_token", "## More", user_access_token="u-xxx")

API Reference

FeishuClient

Method	Description
`read_doc(doc_token)`	Read document content
`create_doc(title, folder_token)`	Create new document
`write_doc(doc_token, content)`	Write document (overwrite)
`append_doc(doc_token, content)`	Append content to end
`list_blocks(doc_token)`	List all blocks
`get_block(doc_token, block_id)`	Get specific block
`update_block(doc_token, block_id, content)`	Update block content
`delete_block(doc_token, block_id)`	Delete block

Notes

user_access_token has an expiration time, needs periodic refresh
The scope in authorization URL must be enabled in Feishu Open Platform
This skill accesses personal cloud documents using user identity

Token Auto Refresh

Use feishu_token.py script for automatic token refresh.

Install Dependencies

pip install requests

First Authorization

# 1. Generate authorization URL
python feishu_token.py --app-id YOUR_APP_ID --app-secret YOUR_SECRET --redirect-uri YOUR_REDIRECT_URI --url

After user authorizes, will callback to YOUR_REDIRECT_URI?code=XXX

# 2. Use authorization code to get token
python feishu_token.py --app-id YOUR_APP_ID --app-secret YOUR_SECRET --code AUTH_CODE

Token is automatically saved to ~/.config/claw-feishu-user/config.json

Refresh Token

python feishu_token.py --app-id YOUR_APP_ID --app-secret YOUR_SECRET --refresh

In Code

import json
import os

# Read cached token
config_path = os.path.expanduser("~/.config/claw-feishu-user/config.json")
with open(config_path) as f:
    config = json.load(f)

# Use token
client = FeishuClient(user_access_token=config["access_token"])

Files

3 total

Select a file

Select a file to preview.

Comments

Loading comments…

feishu-user

License

SKILL.md

Feishishu document operations using useru User

Install Dependencies

Quick Start

Get User Access Token

Step 1: Get App Credentials from Feishu Open Platform

Step 2: Generate Authorization URL

Step 3: Exchange for Token

Usage Examples

Convenience Functions

API Reference

FeishuClient

Notes

Related Links

Token Auto Refresh

Install Dependencies

First Authorization

Refresh Token

In Code

Files

Comments