lark-event

SUSPICIOUS. The purpose and capabilities are mostly aligned, but the skill's core function depends on a non-official third-party CLI (`lark-cli`) and implicitly forwards Lark authentication to it via shared auth instructions. With no official install path or direct endpoint verification in the snippet, the main risk is supply-chain and credential exposure rather than confirmed malicious behavior.