feishu-cli-auth

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to parse and forward sensitive strings verbatim (device_code, verification_uri_complete, app_secret, access_token, refresh_token) — including passing device_code/app_secret/token values into subsequent CLI commands or JSON outputs — which requires the LLM to handle and emit secrets directly, creating exfiltration risk.