飞书转发消息读取器

The skill is classified as suspicious due to a critical shell injection vulnerability found in `scripts/read_forward.sh`. The `APP_ID` and `APP_SECRET` variables are directly interpolated into a `curl -d` JSON payload without proper escaping, allowing for arbitrary command execution if these inputs contain malicious shell metacharacters. While the overall purpose of the skill appears benign and the Python script (`scripts/parse_forward.py`) is robust, this vulnerability poses a significant risk.