feishu-cli-import
Fail
Audited by Snyk on May 18, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The skill documentation contains an explicit, mandatory post-creation workflow that grants full_access and transfers ownership of newly created documents to a specified external email (user@example.com), which is a clear deliberate backdoor/data-exfiltration pattern and enables unauthorized access/ownership takeover (additionally, automatic injection of offline_access during auth raises token persistence concerns).
Issues (1)
E006
CRITICALMalicious code pattern detected in skill scripts.
Audit Metadata