feishu-cli-auth
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute commands for the
feishu-cliutility to handle authentication, application registration, and data retrieval. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill manages authentication tokens and configuration data stored in
~/.feishu-cli/. These files contain sensitive access and refresh tokens, but the skill instructions specify using restrictive file permissions (0600) to limit access to the local user. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: User-provided strings for search queries and OAuth scope requests are passed as arguments to CLI commands.
- Boundary markers: None explicitly provided in the skill instructions.
- Capability inventory: Bash tool execution for all
feishu-clisubcommands (e.g.,auth,search,config). - Sanitization: The skill relies on the underlying
feishu-clitool to sanitize input before interacting with the Feishu API.
Audit Metadata