Feishu(Lark)Multi-Agent Tool-Use Patch
v1.0.0One-time/on-demand patch for openclaw-lark (no webhook LarkTicket paths). Implements agent-session-context, session-key-feishu, syncTicketContextForToolClien...
⭐ 0· 150·0 current·0 all-time
byHardCoreDragon@zouxiao7777
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Feishu/Lark multi-agent patch) matches the instructions: the SKILL.md documents code edits inside an openclaw-lark extension to address sessionKey/ticket/tool-client identity issues. It does not request unrelated credentials or binaries.
Instruction Scope
The SKILL gives the agent broad permission to locate and modify many source files in the user's openclaw-lark extension (create two new files, modify core modules, propagate a toolCallId across callsites). That scope is appropriate for a code patch and the document repeatedly requires explicit user consent and a strict acceptance protocol, but it does authorize substantial disk-level edits — the user should ensure backups and review diffs before restart. The document also suggests optionally running `npx -y @larksuite/openclaw-lark install` as a recovery step (explicit user confirmation required), which is consistent with the stated purpose.
Install Mechanism
There is no install spec and no code files embedded in the skill bundle; it is instruction-only. No downloads, package installs, or extracted archives are demanded by the skill itself (the optional npx reinstall is an explicit recovery action and not part of an install pipeline embedded in the skill).
Credentials
The skill does not request environment variables, credentials, or config paths. It references local project files (openclaw.json, sessions.json) which are relevant to the patch. Optional use of `npx`/Node for reinstall is reasonable and explicitly gated by user confirmation.
Persistence & Privilege
The skill is not always-enabled; defaults are normal. It explicitly recommends being used as a one-time/temporary skill and warns against leaving it in the OpenClaw skills list. It does not ask to modify other skills' configs or take permanent platform-wide privileges.
Assessment
This skill is an instruction-only one-time patch that will edit the openclaw-lark extension on disk. It does not ask for credentials or silently download code, but it does authorize wide file edits — before allowing an agent to run it: 1) make a git commit or backup the plugin directory, 2) require the explicit confirmation step the SKILL.md mandates, 3) review the agent's proposed diffs before saving changes, 4) do not leave this skill permanently enabled in OpenClaw (follow the doc’s temporary-load guidance), and 5) be aware that running the optional `npx -y @larksuite/openclaw-lark install` will overwrite local edits (only run that with explicit acceptance). If you are uncomfortable giving an agent write access to your repository, perform the edits yourself or run the skill in a local AI-assisted dev tool where you control file commits.Like a lobster shell, security has layers — review code before you run it.
latestvk9783he41gyes76g5z99r6kevs83r8ev
License
MIT-0
Free to use, modify, and redistribute. No attribution required.