Security audit
Lark CLI
Security checks across malware telemetry and agentic risk
Overview
This plugin is a broad Lark account command runner and its implementation can turn the free-form Lark command field into arbitrary local shell execution.
Review this carefully before installing. It can operate broadly on your Lark/Feishu account and the current implementation should be treated as risky because a free-form command string is passed to a shell. Prefer a version that uses structured arguments and confirmations, and use a limited Lark account or app permissions if you proceed.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
