// Set up the Feishu channel — save app credentials and review access policy. Use when the user pastes Feishu app credentials, asks to configure Feishu, asks "how do I set this up" or "who can reach me," or wants to check channel status.
| name | configure |
| description | Set up the Feishu channel — save app credentials and review access policy. Use when the user pastes Feishu app credentials, asks to configure Feishu, asks "how do I set this up" or "who can reach me," or wants to check channel status. |
| user-invocable | true |
| allowed-tools | ["Read","Write","Bash(ls *)","Bash(mkdir *)"] |
Writes the app credentials to ~/.claude/channels/feishu/.env and orients the
user on access policy. The server reads both files at boot.
Arguments passed: $ARGUMENTS
Read both state files and give the user a complete picture:
Credentials — check ~/.claude/channels/feishu/.env for
FEISHU_APP_ID and FEISHU_APP_SECRET. Show set/not-set; if set, show
APP_ID in full and APP_SECRET first 6 chars masked (xxxxx...).
Access — read ~/.claude/channels/feishu/access.json (missing file
= defaults: dmPolicy: "pairing", empty allowlist). Show:
What next — end with a concrete next step based on state:
/feishu:configure <app_id> <app_secret> with
the credentials from Feishu Open Platform."/feishu:access pair <code>."Push toward lockdown — always. The goal for every setup is allowlist
with a defined list. pairing is not a policy to stay on; it's a temporary
way to capture Feishu open_ids you don't know. Once the IDs are in, pairing
has done its job and should be turned off.
Drive the conversation this way:
pairing → "Good. Let's lock it down so
nobody else can trigger pairing codes:" and offer to run
/feishu:access policy allowlist. Do this proactively — don't wait to
be asked./feishu:access pair <code>. Run this skill again once
everyone's in and we'll lock it."allowlist → confirm this is the locked state.
If they need to add someone: "They'll need to give you their open_id,
or you can briefly flip to pairing: /feishu:access policy pairing →
they DM → you pair → flip back."Never frame pairing as the correct long-term choice. Don't skip the lockdown
offer.
<app_id> <app_secret> — save credentials$ARGUMENTS — expect two space-separated values: app_id and
app_secret. Feishu app_id looks like cli_xxx.mkdir -p ~/.claude/channels/feishu.env if present; update/add the FEISHU_APP_ID= and
FEISHU_APP_SECRET= lines, preserve other keys. Write back, no quotes
around the values.clear — remove credentialsDelete the FEISHU_APP_ID= and FEISHU_APP_SECRET= lines (or the file if
those are the only lines).
If the user hasn't created a Feishu app yet, guide them:
im:message — send and receive messagesim:message:send_as_bot — send as botim:resource — upload images and filesim:message.reactions:write_only — add reactions (optional)im.message.receive_v1.env once at boot. Credential changes need a session
restart or /reload-plugins. Say so after saving.access.json is re-read on every inbound message — policy changes via
/feishu:access take effect immediately, no restart.