Skills
skills/cklxx/elephant.ai/feishu-im-read/Gen Agent Trust Hub

feishu-im-read

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script skills/feishu-cli/run.py using the bash tool. This is the intended mechanism for the skill's functionality and processes JSON payloads to interact with the Feishu API.\n- [PROMPT_INJECTION]: The skill handles external data (chat messages and history) which introduces a surface for indirect prompt injection. Malicious instructions embedded in chat messages could potentially influence the agent's behavior.\n
  • Ingestion points: Retrieval of chat history and message content via the history and upload_file actions (file: SKILL.md).\n
  • Boundary markers: No explicit instructions are provided to the agent to ignore or delimit embedded instructions within the processed messages.\n
  • Capability inventory: The skill can execute system commands via bash and perform network operations through the Feishu CLI script (file: SKILL.md).\n
  • Sanitization: No content validation or sanitization logic is described in the skill's configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 02:06 AM