wiki-knowledge
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Communicates with open.feishu.cn, the official Lark Open API. This is a well-known service and the network activity is required for the skill's purpose.
- [CREDENTIALS_UNSAFE]: API access is managed using the LARK_TENANT_TOKEN environment variable, ensuring no sensitive keys are hardcoded in the source code.
- [COMMAND_EXECUTION]: The script run.py modifies the Python search path to include local script directories, facilitating internal module management within the skill's repository structure.
- [PROMPT_INJECTION]: The skill metadata contains instructions for automated workflows and title inference. These patterns are designed to improve agent efficiency and do not attempt to bypass safety constraints. Additionally, the skill presents a surface for indirect prompt injection as it processes wiki content. Ingestion points: run.py (list_spaces, list_nodes, get_node). Boundary markers: None. Capability inventory: Network access and document creation. Sanitization: None.
Audit Metadata