Skills
skills/cklxx/elephant.ai/feishu-bitable/Gen Agent Trust Hub

feishu-bitable

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the bash tool to execute a local Python wrapper (run.py). This script dynamically modifies the Python module search path (sys.path) to load dependencies from a computed relative directory (../feishu-cli), which is a vendor resource from the same author.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through data ingested from external Feishu Bitable tables.\n
  • Ingestion points: Record and field data retrieved via list_records and list_fields actions defined in SKILL.md.\n
  • Boundary markers: The skill does not implement delimiters or explicit instructions to ignore embedded commands within the ingested table data.\n
  • Capability inventory: The skill can create, update, and delete Feishu records and execute local shell commands via the bash tool as defined in SKILL.md and implemented in run.py.\n
  • Sanitization: There is no documented validation or escaping of external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 02:06 AM