feishu
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The 'scripts/run.py' and 'scripts/setup_environment.py' scripts use the subprocess module to manage the Python environment and execute local files. The runner script dynamically constructs paths to execute internal scripts based on command-line arguments without rigorous path validation, which is a form of dynamic execution.
- [EXTERNAL_DOWNLOADS]: The environment setup utility automatically retrieves and installs Python packages from the public PyPI repository, including the 'lark-oapi' SDK, 'requests', 'python-dotenv', and 'pydantic'. These are well-known libraries used for the skill's primary integration tasks.
- [PROMPT_INJECTION]: The skill ingests data from local Markdown files through the 'upload-markdown' command. This process lacks sanitization or boundary markers, creating an indirect prompt injection surface where malicious instructions within processed files could potentially influence agent behavior if the content is interpreted by the model.
Audit Metadata