feishu-automation

The skill's footprint is largely coherent with its stated purpose of Feishu automation via lark-mcp. It relies on official Feishu API endpoints and standard token-based authentication, which is appropriate for its domain. However, there are potential security concerns around credential handling and token exposure in the documentation and sample code. No evidence of malicious intent (no unverifiable binaries, no data exfiltration beyond Feishu APIs, and no autonomous dangerous actions) is found. Overall risk is moderate due to token handling patterns; ensure secrets are never logged and are stored/rotated securely, and sanitize sample code to avoid printing tokens in logs.