grtninja/feishu-perm
skill-candidates/feishu-perm/SKILL.md
Manage Feishu file and document permissions via the feishu_perm tool. Use when listing collaborators, granting access, revoking access, or checking whether a file, folder, wiki node, or document has the correct permission level.
$ install --global
skillsauthnpx skillsauth add grtninja/skill-arbiter feishu-permInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 8:16 PM53.5s2 files scanned
SKILL.md
- name:
- feishu-perm
- description:
- Manage Feishu file and document permissions via the feishu_perm tool. Use when listing collaborators, granting access, revoking access, or checking whether a file, folder, wiki node, or document has the correct permission level.
Feishu Permission Tool
Single tool feishu_perm for managing file and document permissions across supported Feishu object types.
Workflow
- List current collaborators before changing permissions.
- Confirm the correct target
tokenand objecttype. - Apply the minimum permission change needed (
addorremove). - Re-list collaborators to verify the final permission state.
Actions Summary
| Action | Description |
| ------ | ----------- |
| list | List collaborators and their current permissions |
| add | Grant a permission level to a member |
| remove | Revoke collaborator access |
Token Types
| Type | Description |
| ---------- | ----------------------- |
| doc | Old format document |
| docx | New format document |
| sheet | Spreadsheet |
| bitable | Multi-dimensional table |
| folder | Folder |
| file | Uploaded file |
| wiki | Wiki node |
| mindnote | Mind map |
Member Types
| Type | Description |
| ------------------ | ------------------ |
| email | Email address |
| openid | User open_id |
| userid | User user_id |
| unionid | User union_id |
| openchat | Group chat open_id |
| opendepartmentid | Department open_id |
Permission Levels
| Perm | Description |
| ------------- | ------------------------------------ |
| view | View only |
| edit | Can edit |
| full_access | Full access (can manage permissions) |
Key Constraints
- Permission changes are sensitive operations; keep this tool explicitly enabled and use the narrowest permission needed.
type,member_type, andmember_idmust all match the target object and principal format.full_accesscan manage permissions and should be granted sparingly.
Examples
Share document with email:
{
"action": "add",
"token": "doxcnXXX",
"type": "docx",
"member_type": "email",
"member_id": "[email protected]",
"perm": "edit"
}
Share folder with group:
{
"action": "add",
"token": "fldcnXXX",
"type": "folder",
"member_type": "openchat",
"member_id": "oc_xxx",
"perm": "view"
}
Configuration
channels:
feishu:
tools:
perm: true # default: false (disabled)
Note: This tool is disabled by default because permission management is a sensitive operation. Enable explicitly if needed.
Permissions
Required: drive:permission
Guardrails
- Use local or trusted tools only; avoid untrusted install pipelines.
- Do not paste secrets/tokens into chat output.
- Keep outputs in deterministic local paths for reproducible review.
Related Skills
grtninja/white-hat
tools
VerifiedTrustedCommunity
Run a defender-first security sweep on code, configs, prompts, model/tooling surfaces, or third-party contribution lanes. Use when a request involves safe bug, leak, zero-day-class, exploit, or hack hunting for protection, when contributing to outside repositories and you want a focused security pass, or when touching auth, secrets, permissions, network exposure, prompt/tool boundaries, data flow, or update/build surfaces. This skill is defensive only and must never be used for weaponization or unauthorized access.
2SKILL.mdUpdated Apr 22, 2026
grtninja/vrm-sandbox-startup-acceptance
development
VerifiedTrustedCommunity
Validate and repair VRM Sandbox startup acceptance with shim-first local model authority, frontend/backend bring-up, and avatar-runtime launch proof. Use when launch behavior, chat handoff, voice fallback, or runtime bridge acceptance must be verified end to end.
2SKILL.mdUpdated Apr 22, 2026
grtninja/voice-catalog-runtime-alignment
documentation
VerifiedTrustedCommunity
Align documented voice-command catalogs, endpoint action allowances, and live runtime handlers so operator-visible voice surfaces match what the stack can actually execute. Use when voice command docs, parser matrices, endpoint permissions, or runtime action routing drift apart.
2SKILL.mdUpdated Apr 22, 2026
grtninja/skillhub-trend-radar
development
VerifiedTrustedCommunity
Track SkillHub trend and topic drift, maintain a bounded rewrite watchlist, and surface emerging gaps worth turning into repo-owned skills. Use when the marketplace query set shows new families or when the current shortlist has gone stale.
2SKILL.mdUpdated Apr 22, 2026