60
grade C
10 days ago
glama
lark-mcp
An MCP server that enables AI assistants to search, read, create, and update Feishu/Lark documents and wiki pages. It facilitates seamless document management and wiki searches through OAuth-authenticated API access.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
⚠️
Known vulnerabilities in dependencies: 3 high
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
🔐
You'll be asked for 2 credentials: LARK_APP_SECRET, MCP_API_KEY
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.config
FEISHU_DOMAIN— No Your Feishu tenant domain (default: feishu.cn)config
LARK_APP_ID— Yes Feishu app ID🔐 secret
LARK_APP_SECRET— Yes Feishu app secretconfig
LARK_OAUTH_SCOPE— No OAuth scopes (default: docx:document docx:document:readonly wiki:wiki:readonly search:docs:read)🔐 secret
MCP_API_KEYconfig
MCP_SSE_PORTconfig
MCP_TRANSPORTconfig
OAUTH_PORT— No Local port for OAuth callback (default: 9997)// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/lovelts-lark-mcp-1727v9)commit: b4289c387364511ec1af98f027723758a2502b68
code hash: dc2ae988c11b69eea6f2e9d00dec498b2ef74565d367464a16b35ef1b64d7048
verified: 4/11/2026, 2:32:56 PM