feishu-evolver-wrapper

The module is a harmless convenience wrapper that introduces real security and operational risks when used to run shell commands constructed from untrusted data. It is not itself a backdoor or malware, but it enables command injection and sensitive-data leakage via caching if callers misuse it. Review codepaths that call cachedExec; avoid passing unsanitized user-controlled strings into it, and apply mitigations (use spawn with args, escape inputs, limit cached output sizes, add cache caps).

The module is a maintainer tool for validating and auto-healing local 'skills'. It contains no obvious hard-coded credentials or direct exfiltration routines. However, it performs two actions that create significant supply-chain and execution risk: (1) requiring untrusted skill entry modules to detect missing node_modules, which executes arbitrary module code; and (2) automatically running npm install in skill directories, which can run package lifecycle scripts and fetch remote code. These behaviors can lead to arbitrary code execution if any skill directory is malicious or has been tampered with. Mitigations: disable autoHeal in untrusted environments, avoid requiring skill code (prefer static analysis), run the monitor in a sandbox/container with restricted privileges and network access, and add strict validation and logging instead of silent error swallowing.