feishu voice reply

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent Feishu voice-reply skill, but it does send reply content to Microsoft Edge TTS and uses the configured Feishu messaging path to post audio replies.

Before installing, confirm that you want the agent to send Feishu voice messages, that the Feishu bot has minimal permissions, and that sending the reply text to Microsoft Edge TTS is acceptable. Use a trusted, preferably pinned edge-tts dependency in sensitive environments.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

After sending a voice reply, the agent may stop without a normal text confirmation.

Why it was flagged

The skill changes the agent's post-action behavior by requiring silence after sending the voice message. This is aligned with the voice-reply goal, but users should understand it may suppress the usual textual confirmation.

Skill content
After the voice message is sent, absolutely do not perform any reply action!
Recommendation

Use this skill where silent voice replies are desired, and require explicit user wording before sending voice messages in important chats.

What this means

The agent can send generated audio messages through Feishu when invoked.

Why it was flagged

The skill is intended to use a messaging tool to send an audio file into Feishu. This is the core purpose, but it is still a content-posting action that can affect private or group chats.

Skill content
message(
    action="send",
    channel="feishu",
    filePath="/path/to/voice.mp3"
)
Recommendation

Install only if you want the agent to send Feishu voice messages, and keep the Feishu bot limited to appropriate chats and permissions.

What this means

Messages may be sent using the permissions of the configured Feishu bot or gateway account.

Why it was flagged

The registry metadata declares no primary credential, but the skill's Feishu sending behavior depends on already configured Feishu bot credentials. This is expected for the integration, but users should notice the delegated account authority.

Skill content
Ensure OpenClaw has Feishu credentials configured
- Check the Feishu bot permissions
Recommendation

Use a dedicated Feishu bot with the minimum send permissions needed, and avoid granting broad workspace or admin privileges.

What this means

A later install, or a package version served by the mirror, could change the code that runs for TTS generation.

Why it was flagged

The install helper installs an unpinned third-party Python package from a package index mirror. This dependency is central to the skill's TTS purpose, but version pinning and source choice affect supply-chain trust.

Skill content
pip3 install edge-tts -i https://pypi.tuna.tsinghua.edu.cn/simple
Recommendation

Prefer a pinned, reviewed edge-tts version from a trusted package source if using this in a sensitive environment.

What this means

Users might underestimate that their text is sent to Microsoft to generate speech.

Why it was flagged

The safety wording is somewhat overstated or internally inconsistent: the skill says it does not access external servers while also saying it directly connects to Microsoft servers for TTS. Other sections do disclose the Microsoft TTS data flow.

Skill content
Does not access external servers (connects directly to Microsoft servers)
Recommendation

Do not send highly sensitive text through this skill unless Microsoft Edge TTS processing is acceptable for that data.