feishu-user

Pass

Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill provides legitimate functionality for managing Feishu documents using user access tokens. All network communications are directed to official Feishu API endpoints (open.feishu.cn, accounts.feishu.cn). The `SKILL.md` instructions are clear and do not contain any prompt injection attempts or directives for the AI agent to perform unauthorized actions. The `feishu_client.py` script handles document operations, and `feishu_token.py` manages OAuth token acquisition and refresh, storing tokens in a standard user configuration file (`~/.config/claw-feishu-user/config.json`). While storing tokens locally carries inherent risk, and content parameters could theoretically be misused for content injection if untrusted input is provided, these are common considerations for such utilities and do not indicate malicious intent within the skill itself.