feishu-drive
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an inherent surface for indirect prompt injection by processing data from external, potentially untrusted sources.
  - Ingestion points: Retrieves file content and user comments via the download and comments endpoints described in SKILL.md.
  - Boundary markers: Absent. The skill lacks instructions for the agent to delimit external content or treat it as untrusted.
  - Capability inventory: The skill possesses significant capabilities including file deletion, permission modification (transferring ownership and adding members with full_access), and file uploads.
  - Sanitization: Absent. No mechanisms for validating or sanitizing retrieved content are defined.
- [SAFE]: The skill exclusively interacts with official Feishu (Lark) API endpoints at open.feishu.cn, which is a recognized and well-known enterprise service provider.