// Operate Feishu or Lark IM APIs through UXC with a curated OpenAPI schema, tenant-token bearer auth, and chat/message guardrails.
| name | feishu-openapi-skill |
| description | Operate Feishu or Lark IM APIs through UXC with a curated OpenAPI schema, tenant-token bearer auth, and chat/message guardrails. |
Use this skill to run Feishu or Lark IM operations through uxc + OpenAPI.
Reuse the uxc skill for shared execution, auth, and error-handling guidance.
uxc is installed and available in PATH.https://open.feishu.cn/open-apis or https://open.larksuite.com/open-apis.https://raw.githubusercontent.com/holon-run/uxc/main/skills/feishu-openapi-skill/references/feishu-im.openapi.jsonapp_id + app_secret, or a current tenant_access_token if you are using the manual fallback path.This skill covers an IM-focused request/response surface:
This skill does not cover:
Feishu and Lark expose event-delivery models beyond plain request/response APIs, including long-connection event delivery in the platform ecosystem.
Current uxc subscribe status:
feishu-long-connection transportim.message.receive_v1 events delivered into the subscribe sink for a p2p bot chatImportant runtime notes:
feishu-long-connection is a provider-aware transport inside uxc subscribe; it is not a plain raw WebSocket stream/callback/ws/endpointThis schema works against either Feishu or Lark Open Platform base URLs:
https://open.feishu.cn/open-apishttps://open.larksuite.com/open-apisThe fixed link example below uses Feishu. For Lark, use the same schema URL against the Lark base host.
Feishu and Lark service-side APIs use Authorization: Bearer <tenant_access_token> for these operations.
Preferred setup is to store app_id + app_secret as credential fields and let uxc auth bootstrap fetch and refresh the short-lived tenant token automatically.
Feishu bootstrap-managed setup:
uxc auth credential set feishu-tenant \
--auth-type bearer \
--field app_id=env:FEISHU_APP_ID \
--field app_secret=env:FEISHU_APP_SECRET
uxc auth bootstrap set feishu-tenant \
--token-endpoint https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal \
--header 'Content-Type=application/json; charset=utf-8' \
--request-json '{"app_id":"{{field:app_id}}","app_secret":"{{field:app_secret}}"}' \
--access-token-pointer /tenant_access_token \
--expires-in-pointer /expire \
--success-code-pointer /code \
--success-code-value 0
uxc auth binding add \
--id feishu-tenant \
--host open.feishu.cn \
--path-prefix /open-apis \
--scheme https \
--credential feishu-tenant \
--priority 100
For Lark, use the same bootstrap shape against the Lark host and bind the credential to open.larksuite.com.
To use long-connection subscribe, the credential still needs app_id and app_secret fields because the transport opens its own temporary event URL outside the normal bearer-token request path.
Manual fallback if you already have a tenant token:
curl -sS https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{"app_id":"cli_xxx","app_secret":"xxxx"}'
Lark uses the same path shape on the Lark host:
curl -sS https://open.larksuite.com/open-apis/auth/v3/tenant_access_token/internal \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{"app_id":"cli_xxx","app_secret":"xxxx"}'
Configure one bearer credential and bind it to the Feishu API host:
uxc auth credential set feishu-tenant \
--auth-type bearer \
--secret-env FEISHU_TENANT_ACCESS_TOKEN
uxc auth binding add \
--id feishu-tenant \
--host open.feishu.cn \
--path-prefix /open-apis \
--scheme https \
--credential feishu-tenant \
--priority 100
For Lark, create the same binding against open.larksuite.com:
uxc auth binding add \
--id lark-tenant \
--host open.larksuite.com \
--path-prefix /open-apis \
--scheme https \
--credential feishu-tenant \
--priority 100
Inspect or pre-warm bootstrap state when auth looks wrong:
uxc auth bootstrap info feishu-tenant
uxc auth bootstrap refresh feishu-tenant
Validate the active binding when auth looks wrong:
uxc auth binding match https://open.feishu.cn/open-apis
Use the fixed link command by default:
command -v feishu-openapi-cliuxc link feishu-openapi-cli https://open.feishu.cn/open-apis --schema-url https://raw.githubusercontent.com/holon-run/uxc/main/skills/feishu-openapi-skill/references/feishu-im.openapi.jsonfeishu-openapi-cli -hInspect operation schema first:
feishu-openapi-cli get:/bot/v3/info -hfeishu-openapi-cli get:/im/v1/chats -hfeishu-openapi-cli post:/im/v1/images -hfeishu-openapi-cli post:/im/v1/files -hfeishu-openapi-cli post:/im/v1/messages -hfeishu-openapi-cli get:/im/v1/messages -hPrefer read/setup validation before writes:
feishu-openapi-cli get:/bot/v3/infofeishu-openapi-cli get:/im/v1/chats page_size=20feishu-openapi-cli get:/im/v1/chats/{chat_id} chat_id=oc_xxxfeishu-openapi-cli get:/contact/v3/users/{user_id} user_id=ou_xxx user_id_type=open_idExecute with key/value or positional JSON:
feishu-openapi-cli get:/im/v1/messages container_id_type=chat container_id=oc_xxx page_size=20feishu-openapi-cli post:/im/v1/images image_type=message image=/tmp/example.pngfeishu-openapi-cli post:/im/v1/messages receive_id_type=chat_id '{"receive_id":"oc_xxx","msg_type":"text","content":"{\"text\":\"Hello from UXC\"}"}'For inbound message intake, use uxc subscribe directly:
uxc subscribe start https://open.feishu.cn/open-apis --transport feishu-long-connection --auth feishu-tenant --sink file:$HOME/.uxc/subscriptions/feishu.ndjsonheader.event_type = "im.message.receive_v1"get:/bot/v3/infoget:/im/v1/chatsget:/im/v1/chats/{chat_id}get:/im/v1/chats/{chat_id}/membersget:/im/v1/messagesget:/im/v1/messages/{message_id}post:/im/v1/messagespost:/im/v1/messages/{message_id}/replypost:/im/v1/imagespost:/im/v1/filesget:/contact/v3/users/{user_id}post:/contact/v3/users/batch_get_id--text.ok, kind, protocol, data, error.uxc auth bootstrap over manual token management. Manual tenant_access_token setup is still supported as a fallback.get:/bot/v3/info requires a tenant token for an app with bot capability enabled, but does not require additional API scopes.feishu-long-connection requires the app credential fields app_id and app_secret; a plain bearer-only credential is not enough for event intake.post:/im/v1/images and post:/im/v1/files use multipart/form-data. File fields must be local path strings; help output marks them as multipart file fields.post:/im/v1/messages requires the receive_id_type query parameter and the body content field is a JSON-encoded string, not a nested JSON object.msg_type=image with content='{\"image_key\":\"img_xxx\"}'msg_type=file with content='{\"file_key\":\"file_xxx\"}'post:/im/v1/messages/{message_id}/reply is for explicit replies to an existing message. Treat it as a high-risk write.feishu-openapi-cli <operation> ... is equivalent to uxc https://open.feishu.cn/open-apis --schema-url <feishu_openapi_schema> <operation> ....references/usage-patterns.mdreferences/feishu-im.openapi.jsonOperate GitHub REST API through UXC with the official OpenAPI schema, explicit gh-to-uxc auth import, and read-first guardrails for repo, issue, pull request, and event workflows.
Operate X API v2 through UXC with the official OpenAPI schema, OAuth2 PKCE user-context auth, app-only bearer guidance, and read-first guardrails for timeline/bookmark/post workflows.
Discover and call remote schema-exposed interfaces with UXC. Use when an agent or skill needs to list operations, inspect operation schemas, and execute OpenAPI, GraphQL, gRPC, MCP, or JSON-RPC calls via one CLI contract.
Use a local QMD knowledge base through UXC over MCP stdio, with daemon-backed session reuse and typed retrieval flows that avoid repeated model warmup and unnecessary query-expansion latency.
Operate Notion Public API through UXC with a curated OpenAPI schema for search, block traversal, page reads, content writes, and data source/database inspection. Use when tasks need recursive reads or structured writes that Notion MCP does not expose directly.
Operate Blocknative gas intelligence APIs through UXC with a curated OpenAPI schema, API-key auth, and read-first guardrails.