Skills
skills/cklxx/elephant.ai/okr-native/Gen Agent Trust Hub

okr-native

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill communicates with https://open.feishu.cn, the official API endpoint for the Feishu/Lark enterprise collaboration platform. These requests are used to fetch OKR periods, user OKR lists, and details.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes user-generated content (OKR titles and descriptions) from an external API and presents it to the agent.
  • Ingestion points: Data enters through the _lark_api function in run.py from endpoints such as /okr/v1/users/{user_id}/okrs and /okr/v1/okrs/batch_get.
  • Boundary markers: No explicit delimiters or instructions are used to distinguish the retrieved data from system instructions.
  • Capability inventory: The script has network access via urllib and filesystem access through environment variable loading, but it does not execute arbitrary shell commands or subprocesses.
  • Sanitization: No sanitization or filtering of the retrieved OKR content is performed before it is passed to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:35 AM