lark

The skill's footprint is coherent with its stated purpose of integrating with Lark services for documents, messaging, and data access. It relies on local scripts and MCP-provided tools, uses standard credential storage, and communicates with official Lark endpoints. While credential/configuration files and token caching introduce typical security considerations, there is no evidence of remote exfiltration, unverifiable binaries, or misuse of credentials beyond standard practice. Overall, classify as BENIGN with LOW-MEDIUM risk due to credential handling and local token storage; ensure proper secret management and access controls to minimize exposure.