This meeting automation skill is not clearly malicious, but it needs review because it can send meeting content to external workplace tools under broad triggers and has inconsistent packaging and disclosure.
Install only if you are comfortable with meeting transcripts, summaries, action items, and user identifiers being sent to configured services such as Feishu, WeCom, Notion, OpenAI, or SkillPay. Review and narrow the trigger wording, add confirmation before posting or creating tasks, validate webhook hosts, fix the missing requirements file and broken main_processor.py, and avoid running cleanup on original local recordings.