x-article-publisher

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: Uses the Python subprocess module to execute the feishu2md command-line tool for article conversion.
  • [COMMAND_EXECUTION]: Executes shell commands via subprocess.run(shell=True) to verify the availability of required system utilities such as feishu2md and playwright-cli.
  • [EXTERNAL_DOWNLOADS]: Downloads article content and video media blocks from Feishu's official API domain (open.feishu.cn) using user-provided credentials.
  • [DATA_EXFILTRATION]: Accesses Feishu API credentials (App ID and App Secret) from environment variables and local configuration files (e.g., ~/.config/feishu2md/config.json) to authenticate media downloads.
  • [DATA_EXFILTRATION]: Automatically searches common user directories (~/Downloads, ~/Desktop, ~/Pictures) to resolve and access media files referenced in Markdown articles.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 09:21 AM