Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

feishu-robot-interact

v1.0.0

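Mutual communication between Feishu group bots. When the bot is @-mentioned by another bot in a Feishu group chat, it parses the message content, executes the task, and before executing asks the developer for confirmation (the first time) or decides from memory whether confirmation is needed. Suitable for: (1) bots that need to collaborate to complete tasks (2) multi-bot workflow orchestration (3) distributed task-processing scenarios.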

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for yongjie888wang-commits/feishu-robot-interact.

Install the skill "feishu-robot-interact" (yongjie888wang-commits/feishu-robot-interact) from ClawHub.
Skill page: https://clawhub.ai/yongjie888wang-commits/feishu-robot-interact
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install feishu-robot-interact

ClawHub CLI

npx clawhub@latest install feishu-robot-interact

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

[!] Purpose & Capability
The skill claims to implement Feishu group robot communication, and the Python script implements message parsing, confirmation and local memory storage — that is coherent. However the registry metadata lists no required environment variables or credentials even though the code expects FEISHU_ROBOT_ID, FEISHU_DEVELOPER_ID and MEMORY_PATH. The SKILL.md also talks about executing tasks and replying to group chats, but the shipped script does not include any Feishu API calls or credentials to send messages. The lack of declared Feishu API/token requirements is disproportionate to the described purpose.
Instruction Scope
SKILL.md and references/config.md describe listening to Feishu events, asking developer confirmation and using OpenClaw memory; the script implements parsing and decision logic and reading/writing a local JSON memory file. It does not perform network I/O (no post/get to Feishu API) nor does it implement task execution — that must be provided by the integrator. There are small inconsistencies (SKILL.md mentions TOOLS.md while the repo has references/config.md). Overall instructions are scoped to message handling and confirmation, but they assume external wiring to actually send/receive messages and perform tasks.
Install Mechanism
This is an instruction-only skill with a single Python script and documentation; there is no installer or downloaded archive. No code is automatically executed during install. That is low-risk in terms of install mechanism.
[!] Credentials
The skill metadata declares no required env vars or credentials, but the script reads FEISHU_ROBOT_ID, FEISHU_ROBOT_NAME, FEISHU_DEVELOPER_ID and MEMORY_PATH. The skill also claims to send confirmation messages and replies but does not declare or use any Feishu API token/secret — in practice those credentials are necessary to send messages and should be documented and restricted. The memory file is stored under a user home path and will be written to disk; that is expected but should be noted.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and only writes a local memory JSON file under the user's home directory (default path provided). That is a normal level of persistence for this functionality.
What to consider before installing
This skill implements local parsing and confirmation logic for Feishu robot messages but has several mismatches you should resolve before installing:

  1. The package metadata declares no required env vars, but the code requires FEISHU_ROBOT_ID, FEISHU_DEVELOPER_ID and MEMORY_PATH — add these to the environment and the skill metadata.
  2. The script does not include any Feishu API calls or any bot token/secret usage; you will need to wire message sending/receiving (and provide secure Feishu credentials) for it to function.
  3. The skill writes a JSON memory file to the user home directory — ensure that path and file permissions are acceptable and that sensitive task contents are not inadvertently persisted.
  4. Confirm provenance: the source/homepage is unknown; consider running the code in a sandbox, inspecting/adding explicit handling for Feishu auth tokens (and store them securely), and adding explicit metadata for required credentials before using in production.

Finally, test the confirmation flow carefully to avoid automatic execution of sensitive tasks if a memory entry marks them as 'trusted'.

Like a lobster shell, security has layers — review code before you run it.

latest vk9731j8jxgnp3ywe4fc74fhr5n83q3z0
82 downloads
0 stars
1 version
Updated 1mo ago
v1.0.0
MIT-0

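Feishu Group Bot Communication Skill

This skill packages the complete capability for bots in a Feishu group to communicate with each other: listen for messages → detect @-mentions → parse the task → developer confirmation → execute → reply.

Core capabilities

  • Message listening: listen for message events in Feishu group chats
  • @-mention detection: determine whether a message @-mentions this bot
  • Task parsing: extract the task content from the plain-text message
  • Developer confirmation: the developer must agree before execution; preferences can be remembered
  • Execution and reply: reply with the result once the task is done

Workflow

1. Message reception and parsing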

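# Pseudocode: message handling flow
def handle_message(event):
    # 1. Parse the message content and extract the @-mention information
    mentioned_robots = extract_mentions(event.message)

    # 2. Check whether this bot was @-mentioned
    if MY_ROBOT_ID not in mentioned_robots:
        return  # this bot was not @-mentioned, ignore

    # 3. Get the message text (with the @ part removed)
    task_content = extract_task_text(event.message, MY_ROBOT_ID)

    # 4. Trigger task processing
    process_task(task_content, event)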

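2. Developer confirmation mechanism

The first time a task is executed, confirmation must be requested from the developer:

🤖: Task received: {task_content}
    Execute it? Reply "确认" (confirm) to approve or "取消" (cancel) to decline

Depending on the developer's reply:

  • Confirm: execute the task and record "this task type has been confirmed"
  • Decline: do not execute and record "this task type has been rejected"

3. Memory and preference learning

Use OpenClaw's memory system to record the developer's preferences:

# Memory format example
## Task: {task_type}
- First confirmation time: 2026-03-27
- Status: confirmed / rejected
- No confirmation needed next time: yes / no

The next time the same task type arrives:

  • If the developer previously confirmed and said "no need to confirm next time" → execute directly
  • If the developer previously declined → refuse to execute directly
  • If there is no record → go through the confirmation flow

4. Execution and reply

After execution completes, return the result to the group chat:

✅ Task completed
📋 Task content: {task_content}
🔧 Execution result: {result}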

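Configuration

Configure the following in TOOLS.md:

### Feishu bot communication

- **Bot ID**: your bot's open_id
- **Bot name**: the name shown when the bot is @-mentioned
- **Developer ID**: open_id, used to send confirmation requests
- **Confirmation mode**: confirm_first | auto_trust_known
- **Memory path**: ~/.openclaw/workspace/memory/robot_confirm.json

Notes

  1. Security: confirmation is required before performing sensitive operations
  2. Idempotency: running the same task multiple times should give consistent results
  3. Timeout handling: if the developer does not reply for a long time, there should be a timeout-and-retry mechanism
  4. Logging: all interactions need to be logged to aid troubleshooting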
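An added example (not the skill's own script, which this page does not show) of the decision rules from steps 2 and 3, with the safeguards the scan and the notes ask for: only the developer's open_id can approve, sensitive task types are always re-confirmed, and the memory file is created owner-only. The function names, the SENSITIVE_TYPES set, the JSON layout and the sample IDs are assumptions.

```python
import json
import os
import tempfile

# Hypothetical names throughout; the skill's own script is not shown on this page.
SENSITIVE_TYPES = {"deploy", "delete_data"}  # assumed: types that always need a human

def decide(task_type, memory):
    """Return 'ask', 'reject' or 'execute' for an incoming task type."""
    entry = memory.get(task_type)
    if entry is None:
        return "ask"            # no record: run the confirmation flow
    if entry.get("status") == "rejected":
        return "reject"         # previously rejected: refuse outright
    if task_type in SENSITIVE_TYPES:
        return "ask"            # a stored skip flag never covers these
    if entry.get("status") == "confirmed" and entry.get("skip_confirm") is True:
        return "execute"        # confirmed with "no need to confirm next time"
    return "ask"

def record_reply(memory, task_type, sender_id, developer_id, text, skip_next=False):
    """Store the developer's answer; replies from anyone else are ignored."""
    if sender_id != developer_id:
        return False            # another bot or user cannot approve
    status = {"确认": "confirmed", "取消": "rejected"}.get(text.strip())
    if status is None:
        return False            # not one of the two reply keywords
    memory[task_type] = {"status": status, "skip_confirm": skip_next and status == "confirmed"}
    return True

def save_memory(path, memory):
    """Write the memory file atomically, created owner-only (0600)."""
    fd = os.open(path + ".tmp", os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(memory, fh, ensure_ascii=False)
    os.replace(path + ".tmp", path)

def demo():
    dev, bot, mem = "ou_dev_example", "ou_bot_example", {}  # constructed IDs
    out = [decide("summarize", mem)]
    out.append(record_reply(mem, "summarize", bot, dev, "确认", True))
    out.append(record_reply(mem, "summarize", dev, dev, "确认", True))
    out.append(decide("summarize", mem))
    record_reply(mem, "deploy", dev, dev, "确认", True)
    record_reply(mem, "cleanup", dev, dev, "取消")
    out += [decide("deploy", mem), decide("cleanup", mem)]
    path = os.path.join(tempfile.mkdtemp(), "robot_confirm.json")
    save_memory(path, mem)
    return out + [oct(os.stat(path).st_mode & 0o777)]
```

In `demo()` the approval sent from the other bot's ID is dropped, and `deploy` still returns `ask` even though the developer asked to skip confirmation for it.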
