lark-shared

The lark-shared skill provides instructions and protocols for managing lark-cli authentication, identity switching between user and bot, and handling permissions or high-risk operations.

344.2K
Installs
5
Use cases
5/10
Quality

Is lark-shared safe to install?

Review the source first

Review the source first: our audit of lark-shared's source files found 8 shell commands, 0 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill executes shell commands, manages authentication tokens, and performs high-risk write operations that require explicit user confirmation via exit code 10 handling.

How we audit skills: our security review methodology.

Who is this skill for?

AI agents assisting users with lark-cli configuration, authentication, and resource management.

What can you do with it?

  • Initializing lark-cli configuration
  • Authenticating user or bot identities
  • Managing authorization scopes and business domains
  • Handling permission errors and authorization flow
  • Executing high-risk operations with confirmation protocols

How good is this skill?

Quality score: 5/10. The skill documentation is comprehensive, providing clear protocols for error handling, security, and agent-user interaction patterns.

What does the skill file contain?

SKILL.md
# lark-cli 共享规则

本技能指导你如何通过lark-cli操作飞书资源, 以及有哪些注意事项。

## 配置初始化

首次使用需运行 `lark-cli config init` 完成应用配置。

当你帮用户初始化配置时,使用background方式使用下面的命令发起配置应用流程,启动后读取输出,从中提取授权链接并发给用户。

**URL 转发规则**:当命令输出 `verification_url`、`verification_uri_complete`、`console_url` 等 URL 字段时:**必须生成二维码**:你必须调用 `lark-cli auth qrcode` 将 URL 转为二维码并展示给用户,这是必须步骤,不要跳过。优先生成 PNG 二维码(--output);仅当用户明确要求时才使用 ASCII(--ascii)。**URL 输出规则**:将 URL 视为不可修改的 opaque string,不要做任何修改(包括 URL 编码/解码、添加空格或标点、重新拼接 query),二维码和链接请一起展示给用户。

```bash
# 发起配置(该命令会阻塞直到用户打开链接并完成操作或过期)
lark-cli config init --new
```

## 认证

### 认证任务速查

认证、scope、业务域、登录态、退出登录态、撤销授权问...

Frequently asked questions

How do I handle authorization when the user is not present for a blocking command?

Use the split-flow method: execute the command with --no-wait --json, display the verification_url and a generated QR code to the user, and wait for the user to confirm completion before executing the command with --device-code.

How do I distinguish between successful and failed command execution?

Check the ok field in the JSON output or the process exit code. Do not rely on a code field, as it only exists within the error envelope.

What should I do if a command returns exit code 10?

This indicates a high-risk operation requiring confirmation. Present the action details to the user, obtain explicit consent, and then re-run the command by appending --yes to the original arguments.

How do I switch between user and bot identities?

Use the --as flag with either user or bot. Bot identity requires appId and appSecret, while user identity requires auth login.

Data sourced from larksuite/cli on GitHub. Install counts from skills.sh. The summary and security audit are derived from the skill's source files: every command and URL listed appears verbatim in the source.

Related skills

supabase

153.8K

Developers building applications with Supabase who require assistance with database schema design, security policy implementation, CLI operations, and integration troubleshooting

The Supabase skill provides guidance for developing with the Supabase platform, including database management, authentication, RLS policies, CLI usage, and MCP server integration. It emphasizes verifying implementation against current documentation, following security checklists, and using specific CLI commands for schema migrations.

highsupabasepostgresqlsupabase

firebase-auth-basics

98.6K

Developers building applications with Firebase who need to implement user sign-in, management, or secure data access

This skill provides guidance for configuring and managing Firebase Authentication, including user identity providers, token handling, and deployment of authentication settings via the Firebase CLI.

highfirebaseauthenticationfirebase

firebase-basics

97.4K

Developers using AI agents to manage Firebase projects via the command line

Provides foundational Firebase CLI workflows including authentication, project management, and configuration file retrieval.

highfirebaseclifirebase

convex-setup-auth

80.1K

Developers building applications on the Convex platform who need to integrate authentication providers like Clerk, Auth0, WorkOS, or Convex Auth

This skill provides a structured workflow for implementing authentication, identity mapping, and access control within Convex applications. It guides the agent to identify the appropriate auth provider, consult official documentation, and apply secure patterns for protecting backend functions.

lowconvexauthenticationget-convex