The official Lark/Feishu CLI tool built for both humans and AI agents, delivering 200+ commands and 26 AI agent skills across 18 business domains from messaging and calendar to docs, sheets, and approvals.
lark-cli is the official open-source command-line interface for the Lark (Feishu) collaboration platform, maintained by the larksuite team. Written in Go, it exposes the full breadth of the Lark Open Platform API through a carefully designed three-layer architecture: high-level shortcuts optimized for human and agent ergonomics, API commands auto-generated from platform metadata, and raw API passthrough for complete coverage.
The tool ships with 26 structured AI agent skills compatible with Claude Code, Cursor, and similar tools, letting AI agents operate Lark with zero additional setup — reading messages, creating calendar events, querying spreadsheets, managing approvals, and much more. Every command is tested with real agents, with concise parameters, smart defaults, and structured JSON output designed to maximize agent call success rates.
Security is a first-class concern: the CLI implements input injection protection, terminal output sanitization against prompt-injection attacks, and OS-native keychain storage for credentials via go-keyring. All command errors are returned as typed, machine-parseable envelopes with structured hints so both humans and AI agents can recover from failures without parsing prose.
With releases shipping nearly daily since launch and a highly active development velocity, lark-cli represents a rapidly maturing integration surface for one of Asia’s largest enterprise collaboration platforms, now increasingly used internationally as Lark expands globally.
Architecture
The codebase is organized as a layered command registry where a factory pattern centralizes identity resolution, credential lookup, and API client construction, allowing every command to receive a fully configured client without reaching into global state. The three-layer command model — shortcuts, API commands, and raw API — is enforced structurally rather than by convention: shortcuts live in dedicated domain packages under shortcuts/, auto-generated API commands are loaded from embedded metadata at bootstrap, and a clean separation between command registration and business logic means the 200+ command surface area is navigable and testable. Lifecycle hooks (Startup, Shutdown) are fired through an event bus, enabling skills and extensions to react to CLI invocations without tight coupling to the core execution path.
Tech Stack The binary is written in Go 1.23 and compiled with ldflags for version and date injection. Command parsing is handled by Cobra and pflag, with a custom FlagErrorFunc that converts parse errors into structured typed envelopes rather than cobra’s default prose. The Charmbracelet suite (huh, bubbletea, lipgloss) powers interactive TUI flows for auth and config. Credentials are stored via go-keyring for OS-native keychain integration on macOS, Windows, and Linux. API communication uses the official larksuite oapi-sdk-go v3 alongside gorilla/websocket for real-time event subscriptions. jq-style output filtering is provided by itchyny/gojq, and YAML configuration is handled by gopkg.in/yaml.v3. The npm wrapper enables one-command installation without requiring users to have a Go toolchain.
Code Quality
The repository contains an extensive suite of over 750 test files covering unit and integration scenarios, with race-detector builds enabled on supported architectures. Errors are never swallowed — every command boundary enforces typed errs.* returns with explicit subtypes, machine-readable parameter hints, and structured exit codes, forming a documented error contract that AI agents and scripts depend on. CI enforces go vet, gofmt, golangci-lint, and a quality gate that validates the command manifest against expected structure. Naming conventions are consistent across the codebase, and a content safety scanner with configurable rules guards against prompt-injection in API response data.
What Makes It Unique Lark CLI’s defining characteristic is its co-design for both human and agent consumers from the ground up — not bolted on after the fact. The structured error envelope with typed subtypes, parameter-level suggestions, and explicit exit codes means an AI agent can self-recover from a wrong flag or missing scope without parsing prose output. The bundled skill system provides domain-specific context files that teach agents Lark API patterns, correct identity selection (user vs bot), and multi-step workflow sequences, dramatically reducing agent hallucination rates on Lark-specific tasks. The content safety scanner that inspects API response data for prompt-injection patterns is particularly novel: it surfaces alerts in the JSON envelope so the consuming agent can decide whether to proceed, rather than silently propagating potentially malicious content.
lark-cli is released under the MIT License, one of the most permissive open-source licenses available. You can use it commercially, modify the source, redistribute it, and incorporate it into proprietary tooling without any copyleft obligations. The only requirement is retaining the copyright notice. There are no contributor license agreements, dual-licensing restrictions, or “open core” limitations on the command set — every command and skill in the repository is available under the same MIT terms.
Running lark-cli yourself means you are responsible for managing credentials, keeping the binary current, and handling authentication token lifecycle. The tool uses OS-native keychains for credential storage, which is secure but requires each machine or CI environment to independently configure credentials via lark-cli config init and lark-cli auth login. The release cadence is very high (nearly daily), so production scripts should pin a specific version via npm to avoid unexpected breaking changes between invocations. There is no built-in secrets manager integration, so teams running it in CI will need to supply credentials through environment variables using the env credential provider.
There is no hosted SaaS version of lark-cli itself — it is purely a local CLI tool. What you are accessing is the Lark Open Platform API, which is operated by Lark Technologies and subject to rate limits, API versioning policies, and the platform’s own terms of service. Enterprise Lark customers get dedicated support channels, SLAs, and higher API rate limits through their Lark subscription, but those benefits come from the Lark platform itself rather than from the CLI. If the official Lark Open Platform deprecates or changes an API endpoint, a CLI update is typically required; the auto-generated command layer means the team can ship platform-synced updates quickly, but there is an inherent lag between platform changes and CLI releases.
No Code Platforms · AI Development · Developer Tools
Visual LLM workflow platform with RAG pipelines, agent capabilities, and model management for building production AI applications.
Developer Tools · Game Development · Design Tools
Free, MIT-licensed 2D and 3D game engine with one-click multi-platform export and no royalties.
Developer Tools · Databases · Search
The open-source Postgres development platform that replaces Firebase with authentication, real-time APIs, edge functions, storage, and vector embeddings — all built on PostgreSQL.