feishu-cli-auth
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute feishu-cli commands via Bash to perform authentication, check token status, and manage application configurations. This is the intended primary purpose of the skill.
- [EXTERNAL_DOWNLOADS]: The documentation references the riba2534/feishu-cli GitHub repository for tool installation. As this repository belongs to the skill's author, it is considered a legitimate vendor resource.
- [CREDENTIALS_UNSAFE]: The skill handles sensitive information including Feishu App IDs, App Secrets, and OAuth tokens stored in the ~/.feishu-cli/ directory. The instructions explicitly recommend setting file permissions to 0600 to ensure only the owner can read or write the credential files, which follows security best practices for local secret management.
Audit Metadata