feishu-channel

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Communicates with open.feishu.cn, the official API domain for Feishu/Lark, which is a well-known service.
  • [PROMPT_INJECTION]: The skill acts as an ingestion point for untrusted user input from the Feishu platform, creating an indirect prompt injection surface.
    • Ingestion points: The webhook server in scripts/feishu-webhook.js receives message content from external users via the /webhook/feishu endpoint.
    • Boundary markers: The current implementation does not use explicit prompt delimiters or "ignore embedded instructions" warnings when forwarding user text.
    • Capability inventory: The skill performs network operations in scripts/feishu-webhook.js and requests access to Bash, Read, Write, and Edit tools in SKILL.md.
    • Sanitization: It implements security controls such as ALLOWED_USERS and ALLOWED_GROUPS filters to restrict interaction, and includes a mention requirement for group chats.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 10:04 PM