Feishu Interactive Cards
v1.0.2Create and send interactive cards to Feishu (Lark) with buttons, forms, polls, and rich UI elements. Use when replying to Feishu messages and there is ANY uncertainty - send an interactive card instead of plain text to let users choose via buttons. Automatically handles callbacks via long-polling connection. Use for confirmations, choices, forms, todos, polls, or any scenario requiring user interaction in Feishu.
⭐ 6· 3.2k·21 current·22 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims no required environment variables or config paths in the registry metadata, yet its code and docs clearly expect Feishu credentials and OpenClaw Gateway configuration (read from ~/.openclaw/openclaw.json or env vars such as FEISHU_APP_ID, FEISHU_APP_SECRET, OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_TOKEN). This is an incoherence between declared requirements and actual runtime needs.
Instruction Scope
SKILL.md and included scripts instruct the agent/user to run a long-polling callback server and to execute node scripts (send-card.js) from the local filesystem. The callback server collects full card callback payloads (including raw_data and operator info) and will POST them to the configured Gateway URL. That forwarding behavior is expected for this functionality but creates a sensitive data path that depends entirely on correct Gateway configuration (if the gateway URL/token are misconfigured to a remote endpoint, callbacks/raw data could be leaked). The docs do warn about safe file operations and show good practices, but the runtime instructions give agents the authority to execute local node scripts — review before enabling.
Install Mechanism
There is no external download/install spec (the skill ships code files and package.json). That lowers supply-chain risk compared to fetching arbitrary remote archives. However package.json lists Node dependencies (e.g., @larksuiteoapi/node-sdk, axios) which must be installed in the environment; the skill does not declare an automated install step in the registry metadata, so missing dependency installation may be required manually. No remote URLs or extract steps were used.
Credentials
The skill requires access to Feishu app credentials and an OpenClaw Gateway token/URL at runtime (either via ~/.openclaw/openclaw.json or environment variables), but the registry metadata did not declare env vars or config paths. The callback server will include operator and raw callback data in outbound payloads to the configured Gateway; if the Gateway URL points to a remote or untrusted endpoint this could result in exfiltration of sensitive user input, file paths, IDs, and raw event data. The number and sensitivity of configuration values used are proportional to the feature, but they must be explicitly declared and vetted.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide persistent privileges. It reads the user's OpenClaw config file (~/.openclaw/openclaw.json) for credentials and gateway settings, which is expected behaviour for channel integrations, but that config path was not declared in the metadata (incoherent). The skill does not attempt to modify other skills or system settings.
What to consider before installing
Key things to check before installing:
1) Metadata mismatch: the registry entry lists no required env vars or config paths, but the code reads ~/.openclaw/openclaw.json and supports env vars (FEISHU_APP_ID, FEISHU_APP_SECRET, OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_TOKEN). Provide credentials only via trusted config or env and expect to supply them.
2) Gateway forwarding (review immediately): the callback server will POST complete callback payloads (including raw_data and operator identifiers) to whatever Gateway URL is configured. Ensure your gateway URL is localhost/internal and the token is secret. Do NOT set the gateway URL to an external/untrusted host.
3) Run in a sandbox first: because the skill starts a long-polling server and runs Node scripts that operate on local files, test in an isolated environment or non-production workspace to verify behavior and to confirm dependency installation (npm install) is performed safely.
4) Review code paths that operate on files: the project documents fixes for past arbitrary file read and command injection issues and includes whitelist/path checks — still manually inspect scripts/send-card.js and card-callback-server.js to confirm the template whitelist, file-extension checks, path normalization, and that no exec() is used with untrusted input.
5) Confirm dependencies and installation: package.json lists Node deps (e.g., @larksuiteoapi/node-sdk, axios). The registry lacks an automated install step — ensure dependencies are installed securely (npm install in the skill directory) before running.
6) Trust/ownership: repository URL in package.json is a placeholder (https://github.com/yourusername/...), and owner ID is opaque. If you don't trust the publisher or cannot verify the source, be cautious.
7) Least privilege: grant the Feishu app only the permissions it needs; if you don't want callback forwarding, disable the Gateway in your openclaw config or set gateway.enabled false.
If you want me to, I can: (a) point to the exact lines where the skill reads config/env values and sends to the gateway, (b) scan send-card.js for the template whitelist checks, or (c) produce a short checklist/commands to safely test the skill in a sandbox.Like a lobster shell, security has layers — review code before you run it.
latestvk97fdaqtkxa7jnbsxsa1073gvs80nmks
License
MIT-0
Free to use, modify, and redistribute. No attribution required.