lark-task

SUSPICIOUS. The functional scope matches a Lark task skill, but it depends on a third-party `lark-cli` and hidden shared-auth instructions, so install trust and credential handling cannot be fully verified. No clear exfiltration or malicious behavior is shown in this fragment, but the external CLI dependency makes the skill higher risk than a direct official API integration.