create-feishu-doc
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it interpolates user-supplied data (document title and content) directly into browser automation commands such as
agent-browser typeandagent-browser fill. Malicious instructions embedded in the user content could theoretically attempt to influence the agent's execution flow. - Ingestion points: Document title and content placeholders in
SKILL.md(Step 7 and Step 8). - Boundary markers: Absent; user input is not wrapped in delimiters or accompanied by instructions to ignore embedded commands.
- Capability inventory: The skill utilizes
agent-browserfor navigation, UI interaction, and capturing snapshots/screenshots across ALL steps. - Sanitization: No sanitization or validation of the user-provided strings is performed before they are processed by the browser automation tool.
Audit Metadata