Skills
skills/riba2534/feishu-cli/feishu-cli-write/Socket

feishu-cli-write

Warn

Audited by Socket on May 6, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能的功能与“写入飞书文档”总体一致,没有明显伪装成文档工具却窃取无关系统数据的迹象,因此不像明确恶意技能。但它高度依赖个人开发者发布的第三方 CLI,并将飞书应用凭证交给该工具处理;同时还允许代理直接执行文档权限变更和所有权转移。综合来看更符合可疑/高风险自动化技能,而非恶意软件。

Confidence: 85%Severity: 72%
Audit Metadata
Analyzed At
May 6, 2026, 06:09 AM
Package URL
pkg:socket/skills-sh/riba2534%2Ffeishu-cli%2Ffeishu-cli-write%2F@032d280af2b85334161aae90eb7bc477b5d8683b