ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feishu Repair

v2.0.0

自动修复飞书-自动修复飞书群聊+自动修复会话 - 诊断 Gateway 连接、权限配置、消息投递问题

0· 82·0 current·0 all-time
byc32@amd5

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for amd5/feishu-repair.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Feishu Repair" (amd5/feishu-repair) from ClawHub.
Skill page: https://clawhub.ai/amd5/feishu-repair
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install feishu-repair

ClawHub CLI

Package manager switcher

npx clawhub@latest install feishu-repair
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (diagnose and repair OpenClaw Feishu channel) matches the code: it reads ~/.openclaw/openclaw.json backups, sets channels.feishu.* via the openclaw CLI, restarts the openclaw-gateway.service, and calls Feishu APIs. However, the registry metadata declares no required binaries or env vars while the script actually depends on systemctl/journalctl, the openclaw CLI, curl, and a POSIX sleep — the missing declared dependencies is an inconsistency.
Instruction Scope
SKILL.md and the script instruct the agent to read the user's ~/.openclaw config and backups, edit live OpenClaw config via 'openclaw config set', force-restart the Gateway service, inspect journalctl logs, and send validation messages to all configured group/user targets. These actions are within the stated repair scope, but they involve reading sensitive credentials and proactively messaging all contacts — behaviour that impacts privacy and production systems and should be explicitly consented to.
Install Mechanism
There is no install spec (instruction-only plus an included script). No remote downloads or archive extraction occur during install. The runtime script will be executed by the agent when invoked; that is expected for an instruction-only skill.
Credentials
The skill does not declare environment variables but reads appId/appSecret and allowFrom/groupAllowFrom from local openclaw.json files. Accessing those credentials is necessary to obtain Feishu tenant_access_token and send validation messages, so the access is functionally justified — but these are sensitive secrets and the skill will transmit derived tokens to Feishu APIs and send messages on behalf of the app.
!
Persistence & Privilege
The skill will modify live OpenClaw configuration via 'openclaw config set' and will forcibly restart the user-level openclaw-gateway.service without further confirmation. While 'always' is false and it does not auto-enable itself, these are high-privilege actions with real operational impact; users should be aware it will change config and send messages to all targets.
What to consider before installing
What to consider before installing or running this skill: - It will read ~/.openclaw/openclaw.json and backup files (which contain appId/appSecret and access lists). Those app secrets are sensitive — inspect the script and confirm you trust it before allowing access. - The script requires externally available tools that are not declared in metadata: openclaw CLI, systemctl/journalctl (systemd user service), curl, and sleep. Ensure these are present and that running them is acceptable in your environment. - The skill will modify live configuration (using 'openclaw config set') and forcibly restart the openclaw-gateway.service automatically. Back up current config and test in a non-production environment first. - It will iterate over allowFrom and groupAllowFrom and send messages to all listed chats/users to validate repairs. Consider privacy and inform impacted users/groups before running. - If you want to reduce risk: run the diagnose script manually in a dry-run or JSON-only mode first, review the output, and only allow fixes after confirming the proposed changes; or edit the script to add an explicit interactive confirmation step before any 'openclaw config set' or 'systemctl restart' call. - If you are unsure, ask the skill author for provenance or run the script in an isolated environment where it cannot reach the real Feishu API or restart production services.
scripts/diagnose.js:92
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a1ydhh41rc6m1t5wfe95y0s84v97m
82downloads
0stars
11versions
Updated 1w ago
v2.0.0
MIT-0
c32@amd5
latest
Download

Feishu Repair — 飞书群聊+会话修复技能

版本: 1.9.0 创建日期: 2026-04-14 触发关键词: 修复飞书

📋 功能

自动诊断和修复 OpenClaw 飞书渠道的常见问题:

问题类型诊断方式修复方式
Gateway 未运行systemctl 检查自动重启 Gateway
飞书 WebSocket 断开journalctl 日志自动重启 Gateway
群聊权限丢失检查 groupAllowFrom自动恢复配置 + 强制重启 + 验证 + 发送消息到所有群聊和用户
用户权限丢失检查 allowFrom自动恢复配置 + 强制重启 + 验证 + 发送消息到所有群聊和用户
配置未生效检查 config强制重启 Gateway + 验证
消息不回复综合诊断输出修复报告 + 发送验证消息

📂 文件结构

skills/feishu-repair/
├── SKILL.md
├── skill.json
├── _meta.json
└── scripts/
    └── diagnose.js     # 诊断脚本

🔧 修复流程

诊断 → 修复 → 强制重启 Gateway → 验证 → 发消息确认
步骤功能说明
1️⃣ 诊断检查 Gateway、飞书配置、日志错误始终执行
2️⃣ 修复从配置恢复丢失的权限检测到问题
3️⃣ 强制重启重启 Gateway 使配置生效有修复操作时强制重启
4️⃣ 验证配置 + 日志双重检查重启后自动执行
5️⃣ 消息确认遍历所有群聊和会话发送当前时间验证通过后自动发送

修复策略

策略触发条件动作
配置恢复权限丢失/配置异常openclaw.jsonopenclaw.json.bak* 读取完整配置自动恢复
Gateway 状态检查Gateway 未运行自动重启 Gateway
WebSocket 重连WS 断开日志自动重启 Gateway
配置生效检查配置变更未生效自动重启 Gateway + 验证

配置读取优先级

  1. ~/.openclaw/openclaw.json(当前配置)
  2. ~/.openclaw/openclaw.json.bak(最新备份)
  3. ~/.openclaw/openclaw.json.bak.1(更早备份)

按顺序读取,找到第一个有飞书配置的文件即停止。从中提取 allowFromgroupAllowFromappId 等完整列表。

📊 配置来源

技能内不硬编码任何用户 ID、群聊 ID、App ID。

全部从用户的 openclaw.json 及其备份文件中动态读取。

⚠️ 注意事项

  • 检测到配置问题并修复后,强制重启 Gateway(不是提示手动)
  • 重启完成后,自动验证修复结果(配置 + 日志双重检查)
  • 验证通过后,自动在飞书所有群聊(groupAllowFrom)和会话(allowFrom)发送当前时间,确认消息功能已恢复
  • 配置读取优先级:openclaw.json > openclaw.json.bak > openclaw.json.bak.1
  • 诊断结果输出详细报告

Comments

Loading comments...