wecom-meeting-create

SUSPICIOUS: The core behavior matches meeting scheduling, but the skill has notable trust and scope issues. It requires an unspecified MCP tool and a second skill with no verifiable provenance in the skill text, fetches the full visible contact list to resolve invitees, and authorizes creating meetings without confirmation. No clear credential theft or malicious exfiltration is evident, but the transitive trust chain and broad directory access raise medium risk.