feishu-docs

The Feishu Docs CLI skill is largely coherent with its stated purpose and generally uses appropriate authentication and API-driven data flows. The footprint is proportionate (no obvious unverifiable binaries or external credential forwarding beyond the intended Feishu API usage). However, credential handling requires careful secret management (env vars, login tokens, and backups) to prevent leakage, and explicit security measures around logging and token handling are not described. The local backups feature is sensible but introduces potential data-at-rest concerns without encryption or access control details. Overall, the stance is BENIGN with notable security-conscious caveats; treat as SUSPICIOUS if credentials are stored insecurely, logged in plaintext, or if the distribution/source of the feishu-docs CLI cannot be trusted or verified.