Back to skill
Skillv1.0.2
Static analysis security
Feishu Interactive Cards · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
ReviewApr 30, 2026, 4:57 AM
- Summary
- Detected: suspicious.env_credential_access, suspicious.potential_exfiltration
- Reason codes
- suspicious.env_credential_accesssuspicious.potential_exfiltration
- Engine
- v2.4.5
Evidence
criticalscripts/card-callback-server.js:29
Environment variable access combined with network send.
suspicious.env_credential_access
warnscripts/card-callback-server.js:13
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnscripts/send-card.js:12
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnscripts/test.js:106
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration