Skills
skills/will-17173/nanoclaw-add-feishu-skill/add-feishu/Gen Agent Trust Hub

add-feishu

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads the @larksuiteoapi/node-sdk package from the public NPM registry. This is the official library provided by ByteDance for interacting with the Feishu/Lark Open Platform.
  • [COMMAND_EXECUTION]: Utilizes system commands for skill application and service management. Runs npx tsx scripts/apply-skill.ts to perform the code integration and uses launchctl (macOS) or systemctl (Linux) to restart the agent service after installation.
  • [SAFE]: No malicious behavior, obfuscation, or unauthorized data access detected. The skill handles sensitive credentials (App ID and Secret) through standard environment variables and connects exclusively to the official Feishu API endpoints (open.feishu.cn). The message ingestion surface in src/channels/feishu.ts is limited to communication functionality without introducing dangerous capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 03:53 AM