The Agent Skills Directory

[DATA_EXFILTRATION]: The skill contains hardcoded default identifiers for Feishu Drive folders (DYPXf8ZktlOCIXdmGq3cfjevn2F) and Wiki spaces (7313882962775556100). If a user does not provide specific destination tokens in their configuration file, the skill defaults to these identifiers, potentially resulting in the creation of documents containing sensitive information in locations not controlled by the user.
[DATA_EXFILTRATION]: The add_permission function is designed to automatically grant 'full_access' permissions to a collaborator defined by FEISHU_AUTO_COLLABORATOR_ID. If this identifier is misconfigured or points to an unauthorized account, every document created by the skill will be automatically shared with that account.
[CREDENTIALS_UNSAFE]: The skill instructs users to store sensitive API credentials (FEISHU_APP_ID, FEISHU_APP_SECRET) in a local environment file (~/.claude/feishu-config.env). While this is a common practice for secret management in local scripts, the logic transmits these credentials to a configurable API domain.
[COMMAND_EXECUTION]: The skill executes local Python scripts (scripts/create_doc.py) to process files and interact with the Feishu API.
[DATA_EXFILTRATION]: Indirect Prompt Injection surface (Category 8). 1. Ingestion points: Content is ingested from local Markdown files or AI-generated text. 2. Boundary markers: No delimiters or ignore instructions are applied to the document content. 3. Capability inventory: Document creation, content writing, and permission management via Feishu API. 4. Sanitization: No sanitization is performed on input text before conversion to document blocks.

feishu-doc-creator