ClawHub

Feishu Multi-Bot

v1.0.1

Configure multiple Feishu/Lark bot identities within a single OpenClaw instance — each Agent gets its own Feishu App, name, avatar, and message routing. Use...

1· 103·0 current·0 all-time
bysimonlin@simonlin1212
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included materials: docs explain a three-block configuration model for OpenClaw + Feishu and the script generates the channels/bindings/agents JSON blocks. Required artifacts (openclaw.json edits, Feishu app IDs/secrets, gateway restarts) are legitimate for this purpose.
Instruction Scope
SKILL.md instructions stay within the claimed scope (creating apps, generating config blocks, validating JSON, restarting gateway, debugging routing). One noteworthy behavior: the provided setup script accepts appSecret values on the command line and prints them into JSON on stdout—this is necessary to produce config but it exposes secrets to terminal logs/history. Troubleshooting steps also suggest pkill/openclaw logs/grep which are expected for admin tasks.
Install Mechanism
No install spec; this is instruction-only plus a small shell helper. No downloads, no archived extracts, and the script does not write files or fetch remote resources. Low install risk.
Credentials
The skill does not request environment variables or other external credentials in metadata. Practically, it requires you to supply Feishu AppID/AppSecret pairs (via script args) and to edit openclaw.json—which is proportional. The main caution: secrets are provided on the command line and echoed; consider the sensitivity of exposing appSecret values in shell history/logs.
Persistence & Privilege
always:false and default model invocation are fine. The skill does not request persistent system-wide privileges, does not modify other skills, and does not create background services. It only emits configuration blocks and workspace mkdir commands (not executed by the script itself).
Assessment
This package appears to do what it says: generate JSON blocks and documentation for wiring multiple Feishu apps to OpenClaw agents. Before using it: (1) Avoid passing secrets on shared shells—the script prints appSecret values to stdout and those arguments may be stored in shell history; prefer running it in a private terminal or modify the script to read secrets from stdin or a protected file. (2) Review and validate the generated JSON before merging into ~/.openclaw/openclaw.json (the docs already recommend python json validation). (3) Roll out one bot at a time and back up your existing openclaw.json; gateway restarts/pkills can be disruptive. (4) Limit Feishu app permissions to the minimum necessary and ensure the apps are published in the Feishu console. (5) If you want the script to avoid echoing secrets, consider editing it to redact secrets from stdout or to write directly to a protected file rather than printing them.

Like a lobster shell, security has layers — review code before you run it.

feishuvk9718az3yd5bkvm23yg8cjwecd8430g6larkvk9718az3yd5bkvm23yg8cjwecd8430g6latestvk9718az3yd5bkvm23yg8cjwecd8430g6multi-agentvk9718az3yd5bkvm23yg8cjwecd8430g6routingvk9718az3yd5bkvm23yg8cjwecd8430g6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments