feishu-cli-vc

Suspicious rather than malicious. The skill’s read-only Feishu meeting/minutes capabilities fit its stated purpose, but it relies on a credentialed external CLI from a personal GitHub repository instead of an official Feishu/Lark distribution path, creating a meaningful supply-chain and credential-forwarding risk.