Back to plugin

Security audit

Lark CLI

Security checks across malware telemetry and agentic risk

Overview

This plugin is a broad Lark account command runner and its implementation can turn the free-form Lark command field into arbitrary local shell execution.

Review this carefully before installing. It can operate broadly on your Lark/Feishu account and the current implementation should be treated as risky because a free-form command string is passed to a shell. Prefer a version that uses structured arguments and confirmations, and use a limited Lark account or app permissions if you proceed.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.