feishu-user-auth
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a binary wrapper in the
bin/directory to spawn its internal Node.js scripts. This is a standard and safe deployment pattern for CLI tools. - [EXTERNAL_DOWNLOADS]: Network operations are restricted to official Feishu and Lark domains (
open.feishu.cn,open.larksuite.com) for the purposes of authentication and metadata retrieval. These are well-known technology service providers. - [SAFE]: Sensitive data, including authentication tokens and application secrets, are stored locally in the user's home directory (
~/.feishu-auth). The skill does not transmit these credentials to any third-party or non-authoritative servers.
Audit Metadata