Skills
skills/aaaaqwq/agi-super-skills/feishu-channel/Gen Agent Trust Hub

feishu-channel

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted chat messages from Feishu, which could contain malicious instructions designed to bypass agent constraints (Indirect Prompt Injection).
  • Ingestion points: The Express server in scripts/feishu-webhook.js receives message events via the /webhook/feishu endpoint.
  • Boundary markers: The forwarded payload in handleMessageEvent does not wrap user text in protective delimiters or provide the agent with context regarding the untrusted nature of the input.
  • Capability inventory: According to SKILL.md, the agent is granted access to sensitive tools including Bash, Read, Write, and Edit, which increases the potential impact of a successful injection.
  • Sanitization: The logic in scripts/feishu-webhook.js extracts the message text and removes @mentions but does not perform content validation, filtering, or sanitization to prevent the execution of embedded commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:55 AM