send-feishu
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Bash script (
scripts/feishu-send) to process logic and perform network requests.\n- [EXTERNAL_DOWNLOADS]: The script communicates with official Feishu API endpoints (open.feishu.cn) to facilitate message delivery and file uploads.\n- [SAFE]: Sensitive information such asFEISHU_APP_SECRETandFEISHU_WEBHOOKis handled via environment variables, following standard security practices for secret management.\n- [SAFE]: The skill uses Python'sjsonmodule to construct payloads, ensuring that user-provided text or file names are safely escaped and do not cause injection vulnerabilities.
Audit Metadata