Skills
skills/aaaaqwq/agi-super-team/feishu-doc-optimizer/Gen Agent Trust Hub

feishu-doc-optimizer

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified where the agent processes external document content.
  • Ingestion points: scripts/feishu_doc_reader.py retrieves raw_content from Feishu documents via the docx/v1/documents API.
  • Boundary markers: No boundary markers or instructions are present to prevent the agent from obeying commands embedded within the document being optimized.
  • Capability inventory: scripts/feishu_doc_editor.py has the ability to clear and overwrite document content using Playwright keyboard automation (Control+a, Backspace).
  • Sanitization: No sanitization or validation of the retrieved document content is performed before processing.
  • [DATA_EXFILTRATION]: The skill accesses and reads sensitive user document data from the Feishu cloud platform to perform its optimization tasks.
  • [COMMAND_EXECUTION]: The skill executes local Python scripts to automate browser actions and interact with web APIs. The editor script connects to a local browser session via the Chrome DevTools Protocol (CDP) on 127.0.0.1:18800.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 06:58 AM