Feishu Card
Security checks across malware telemetry and agentic risk
Overview
The skill mostly does what it claims (send Feishu cards), but its files load an undeclared config file (../../.env), write caches and temp files outside the skill directory, and execute shell commands with unescaped user data. The manifest and registry metadata declare none of these behaviors, and that mismatch is the main concern.
This skill implements Feishu card sending and mostly matches its description, but there are important mismatches you should address before installing:

- Verify ../feishu-common: The skill depends on a sibling module for auth. Inspect that module now to see which environment variables or secrets it expects (APP ID/SECRET, app access tokens, etc.). The skill itself does not declare those env vars in the registry metadata.
- Check ../../.env and workspace layout: send.js explicitly loads '../../.env'. Make sure that file does not contain unrelated or high-value secrets you don't want the skill to access. Prefer providing only the minimal Feishu credentials in a dedicated config location.
- Review file writes: the skill creates/reads files under ../../temp and ../../memory (caching image keys and creating temp message files). If you run this in a shared workspace, those files can be observed or persisted; consider running the skill in an isolated directory or container.
- Fix/avoid command injection: handle_event.js builds an execSync command with user data (menuKey) interpolated without escaping. If you use this handler, ensure the event payload is trusted or modify the code to avoid shell execution (use child_process.spawn with an args array, or call the sendCard function directly). Prefer using send_safe.js, which writes message content to a file first, but note that send_safe still execs send.js; it reduces but does not eliminate risk if filenames or targets are untrusted.
- Confirm expected credentials: ask the skill author or inspect feishu-common to confirm which env vars are required and update the registry metadata to list them. If you cannot confirm, do not grant this skill access to workspace-level secret files.

If you decide to proceed: run the skill in an isolated environment, review and possibly harden the two execSync call sites, and ensure the .env only contains the minimal Feishu credentials needed for the integration.
SkillSpector
SkillSpector findings are pending for this release.
VirusTotal
No VirusTotal findings
