lark-shared

SUSPICIOUS: the stated purpose is coherent for a Lark/Feishu auth helper, and the security guidance is mostly proportional, but the skill's trust model is underspecified because it relies on an unqualified `lark-cli` binary with ambiguous provenance. Main concern is install/provenance ambiguity and credential handling through that CLI, not confirmed malicious behavior.