Security 29,068 installs

lark-cli 共享规则

by larksuite/cli

Use when first setting up lark-cli, running auth login, switching user/bot identity (--as), handling permission denied or scope errors, needing to update…

Skill content

Lark CLI configuration, authentication, and operational guidelines for agent workflows.

- Requires initial setup via lark-cli config init --new; generate QR codes for all verification URLs using lark-cli auth qrcode before sharing with users

- Supports two identity types-user (personal resources via auth login) and bot (application-level via appId/appSecret)-with distinct permission models; confirm identity matches the operation's intent

- Handle permission errors differently by identity: bot requires backend scope setup (provide console_url), user requires auth login --scope or --domain with explicit scope specification

- Use split-flow for agent-initiated auth: execute --no-wait --json to get verification URL and device code, display to user, then execute --device-code in a follow-up step after user confirms completion

- High-risk write operations require explicit user confirmation; when CLI exits with code 10 and confirmation_required error, display the action details, obtain user consent, then retry with --yes appended to the original command

lark-cli 共享规则

本技能指导你如何通过lark-cli操作飞书资源, 以及有哪些注意事项。

配置初始化

首次使用需运行 lark-cli config init 完成应用配置。

当你帮用户初始化配置时,使用background方式使用下面的命令发起配置应用流程,启动后读取输出,从中提取授权链接并发给用户。

URL 转发规则:当命令输出 verification_url、verification_uri_complete、console_url 等 URL 字段时:必须生成二维码:你必须调用 lark-cli auth qrcode 将 URL 转为二维码并展示给用户,这是必须步骤,不要跳过。优先生成 PNG 二维码(--output);仅当用户明确要求时才使用 ASCII(--ascii)。URL 输出规则:将 URL 视为不可修改的 opaque string,不要做任何修改(包括 URL 编码/解码、添加空格或标点、重新拼接 query),二维码和链接请一起展示给用户。

# 发起配置(该命令会阻塞直到用户打开链接并完成操作或过期)
lark-cli config init --new

认证