feishu-wiki-orchestrator
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages authentication tokens and API keys using local configuration files and standard environment variables, avoiding hardcoded secrets.
- [COMMAND_EXECUTION]: The orchestrator script uses subprocess calls to coordinate local Python sub-scripts for modular task execution. These calls do not use shell execution and are used for internal workflow management.
- [EXTERNAL_DOWNLOADS]: Network activity is limited to official Feishu API endpoints for the purpose of document creation and permission management.
- [SAFE]: The parsing logic contains functions to sanitize input by removing zero-width characters and hidden Unicode control codes, preventing rendering issues or potential obfuscation.
- [DATA_EXFILTRATION]: No unauthorized data transfer or exfiltration to third-party domains was detected; data flows are consistent with the skill's stated purpose.
Audit Metadata