feishu-binding

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses a standard OAuth2 device authorization flow for account binding. It instructs the agent to initiate the flow, present a verification link or QR code to the user, and poll for a completion status once the user confirms. All operations are performed through the built-in feishu tool.
  • [SAFE]: No external downloads, remote code execution, or credential exposures were detected. The domains mentioned (feishu.cn, larksuite.com) are the official sites for the services described.
  • [SAFE]: The skill follows least-privilege principles by requiring user confirmation before destructive actions like disconnect and avoiding automatic polling.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 01:48 PM
Security Audit — agent-trust-hub — feishu-binding