ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Doc Batch Export

v1.0.0

批量导出飞书文档(docx)到本地Markdown格式,支持保留文档格式、图片、链接,支持指定文件夹/文档链接批量导出。触发场景:当用户需要导出飞书文档、批量下载飞书文档、飞书文档转Markdown时使用。

0· 78·0 current·0 all-time
by@technologyliu

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for technologyliu/feishu-doc-batch-export.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Feishu Doc Batch Export" (technologyliu/feishu-doc-batch-export) from ClawHub.
Skill page: https://clawhub.ai/technologyliu/feishu-doc-batch-export
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install feishu-doc-batch-export

ClawHub CLI

Package manager switcher

npx clawhub@latest install feishu-doc-batch-export
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The stated purpose (Feishu doc batch export) is consistent with the included code: scripts/export.py calls the Feishu API to fetch documents and images and convert HTML to Markdown. However the package metadata/registry claims no required environment variables while both SKILL.md and the code require FEISHU_APP_ID and FEISHU_APP_SECRET. Also the README/description advertises folder/batch export and recursive export but the script explicitly prints that folder export is 'under development' — advertised capabilities do not match the implementation.
!
Instruction Scope
SKILL.md instructs the agent/user to set FEISHU_APP_ID and FEISHU_APP_SECRET and to run python scripts/export.py. The runtime instructions do not ask for unrelated files or secrets beyond the Feishu app creds, and network calls are limited to Feishu endpoints and image URLs. However SKILL.md shows CLI flags (--recursive, folder export) that the implemented main() does not support; that's scope creep/false promise in the instructions.
Install Mechanism
No install spec is provided (instruction-only + included code). Dependencies are minimal and listed in requirements.txt (requests, markdownify). Nothing is downloaded from arbitrary URLs or installed silently — lowest-risk install mechanism, but code will perform network I/O at runtime.
!
Credentials
The code legitimately requires FEISHU_APP_ID and FEISHU_APP_SECRET to call the Feishu API (proportionate for the claimed functionality). The problem is the registry metadata lists no required environment variables or primary credential, which is inconsistent and risks surprising users into supplying credentials without clear disclosure in the registry entry.
Persistence & Privilege
The skill does not request elevated privileges or permanent/always-on presence. always:false and default autonomous invocation are normal. The skill does not modify other skills or system-wide agent settings.
What to consider before installing
This skill contains code that calls Feishu APIs and requires FEISHU_APP_ID and FEISHU_APP_SECRET (the registry metadata failing to declare these is a red flag). Before installing or running: (1) do not supply production admin credentials — create a dedicated Feishu app with only docx:readonly and drive:readonly and limited scope for testing; (2) verify the code yourself (scripts/export.py is short) or run it in an isolated environment/container; (3) note that folder/recursive export is advertised but not implemented — expect single-document export only; (4) if you will provide app secrets, prefer rotating secrets and revoke the test app after use; (5) ask the publisher to correct registry metadata and SKILL.md to accurately reflect current functionality, and only proceed if you trust the code or have audited it.

Like a lobster shell, security has layers — review code before you run it.

exportvk970xd59d6mc65a8s9wma4ep0s8432ksfeishuvk970xd59d6mc65a8s9wma4ep0s8432kslatestvk970xd59d6mc65a8s9wma4ep0s8432ksmarkdownvk970xd59d6mc65a8s9wma4ep0s8432ksproductivityvk970xd59d6mc65a8s9wma4ep0s8432kstoolsvk970xd59d6mc65a8s9wma4ep0s8432ks
78downloads
0stars
1versions
Updated 3w ago
v1.0.0
MIT-0
@technologyliu
exportfeishulatestmarkdownproductivitytools
Download

飞书文档批量导出技能

核心功能

  1. 支持单个文档导出:输入飞书文档链接,直接导出为Markdown文件
  2. 支持文件夹批量导出:输入飞书文件夹链接,导出文件夹下所有docx文档
  3. 自动保留格式:标题、列表、表格、粗体、斜体、链接格式完全保留
  4. 自动下载图片:文档内图片自动下载到本地assets目录,Markdown内路径自动替换
  5. 错误重试:导出失败自动重试3次,支持导出日志输出

使用方法

基本命令

# 导出单个文档
python scripts/export.py --url <飞书文档链接> --output <本地输出目录>

# 导出文件夹下所有文档
python scripts/export.py --url <飞书文件夹链接> --output <本地输出目录> --recursive

参数说明

  • --url: 飞书文档/文件夹的公开链接或有权限访问的链接
  • --output: 本地导出目录,默认当前目录下的feishu_export文件夹
  • --recursive: 是否递归导出子文件夹内容,默认false
  • --keep-html: 是否同时保留原始HTML文件,默认false

依赖要求

提前配置飞书应用权限:

  1. 飞书自建应用需要开通docx:readonlydrive:readonly权限
  2. 环境变量配置FEISHU_APP_IDFEISHU_APP_SECRET

注意事项

  • 仅支持docx格式的飞书文档,不支持表格、思维笔记、幻灯片等其他格式
  • 导出速度受飞书API限制,每分钟最多导出10个文档
  • 大文档导出时间较长,请耐心等待

Comments

Loading comments...