md-to-feishu

SUSPICIOUS. The skill’s core purpose is coherent, but it routes sensitive data through third parties in two places: Feishu credentials are entrusted to the external feishu-docx CLI, and Mermaid diagram contents are sent to mermaid.ink. Install sources are partly trustworthy (official Astral installer, PyPI), but the overall data flow is not fully direct to official Feishu services.