coze-api

The skill's stated purpose (Coze API integration for chat and workflows) is coherent with its capabilities and data flows. It relies on standard API calls to official endpoints and uses tokens for authentication, which is expected for such integrations. Minor security concerns arise from sample code showing hard-coded PAT usage and potential credential exposure in logs or stdout if not properly managed. Overall, the footprint is proportionate to the stated purpose, with moderate risk primarily around credential handling practices and secure secret management. No evidence of malicious behavior or improper exfiltration beyond legitimate API use.