feishu-integration

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through tools that read document content.
      • Ingestion points: Tools such as feishu_doc_read and feishu_doc_get_block (referenced in SKILL.md) retrieve untrusted data from Feishu documents into the agent's context.
      • Boundary markers: No specific delimiters or boundary markers are defined in the documentation to distinguish retrieved document content from system instructions.
      • Capability inventory: The skill has significant capabilities to modify the environment via feishu_doc_write, feishu_doc_append, and feishu_doc_delete_block.
      • Sanitization: No sanitization or validation logic for external content is specified in the provided documentation or setup scripts.
  • [EXTERNAL_DOWNLOADS]: Documentation in SKILL.md describes standard dependency installation via pip install -r requirements.txt.
  • [COMMAND_EXECUTION]: The skill includes utility bash scripts (scripts/install.sh and scripts/examples.sh) that perform routine environment checks and print usage instructions; these are standard administrative operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 07:02 AM