Skills
skills/autogame-17/feishu-skills/feishu-batch-sender/Gen Agent Trust Hub

feishu-batch-sender

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is implemented as a Node.js CLI tool that processes various flags like --target, --messages, and --file to determine its behavior.
  • [EXTERNAL_DOWNLOADS]: The script communicates with the official Feishu API at https://open.feishu.cn/open-apis/im/v1/messages. This is a well-known enterprise communication service.
  • [DATA_EXFILTRATION]: The tool has the capability to read local files through the --file flag using fs.readFileSync. This content is then parsed and sent to the Feishu API. While this allows local data to be sent to a cloud service, it is the primary intended function of a 'batch sender' utility and targets the official platform domain.
  • [SAFE]: The skill relies on a sibling module ../feishu-common/feishu-client for authentication (fetchWithAuth), which suggests a modular and standard implementation by the vendor.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 03:32 PM