content-collector

SUSPICIOUS: the core Feishu collection workflow is coherent, but the skill relies on multiple unreviewed third-party skills and processes arbitrary external content before taking write actions. The main risks are transitive trust and indirect prompt injection, not confirmed malware or obvious credential theft.